How To Accept a Risk
Purpose
This document describes how to accept a risk so that it does not appear during the scans.
Introduction
If a risk cannot be mitigated right away, that risk can be accepted so that it will not be picked up by the tool every time a scan runs.
The risk can be accepted for ever or for a short period of time. It is customizable to what ever period of time is needed, if the risk cannot be mitigated right away.
Accepting a Risk
- Go to Findings > Vulnerabilities in the Portal
- Select a select the vulnerability and right click on the you want to accept.
- Select Accept Risk in the menu
Fill in the date for how long the risk should be accepted to and a comment.
If no comment is given, a default message/comment stating “
Transitioned finding status from
" is saved as a activity log to assist with the reviewing of the finding’s history.<original status> to <new status>
without user's comment.Customer can also transition non-SWAT findings from other status like FALSE_POSITIVE, FIXED or ACCEPTED.
Example:
- Click Accept when done.
Related Articles
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.