How To Accept a Risk

Purpose

This document describes how to accept a risk so that it does not appear during the scans.

Introduction

If a risk cannot be mitigated right away, that risk can be accepted so that it will not be picked up by the tool every time a scan runs.

The risk can be accepted for ever or for a short period of time. It is customizable to what ever period of time is needed, if the risk cannot be mitigated right away.

Accepting a Risk

1. Go to Findings > Vulnerabilities in the Portal
   
2. Select a select the vulnerability and right click on the you want to accept.
   
   

   

   
   
   
3. Select Accept Risk in the menu

4. Fill in the date for how long the risk should be accepted to and a comment.
   
   

   

   

   If no comment is given, a default message/comment stating “Transitioned finding status from <original status> to <new status> without user's comment." is saved as a activity log to assist with the reviewing of the finding’s history.

   Customer can also transition non-SWAT findings from other status like FALSE_POSITIVE, FIXED or ACCEPTED.

   Example:
   

   

5. Click Accept when done.
   

   

Related Articles

_Copyright

_{© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.}

_Trademark

_{Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.}