When you view the list of vulnerability matches on the Vulnerability Management window, you might identify a set of matches that are not a risk or that you want to suppress (hide) for now. For example, you might want to create a rule to suppress vulnerability matches related to Adobe products while you address other vulnerability issues. You can create an auto-suppression rule, which hides a set of vulnerability matches. Each time the Vulnerability Management asset model is imported, which is usually scheduled to happen daily, vulnerability matches are re-evaluated, and the latest auto-suppression rules are re-applied.
An auto-suppression rule hides a set of vulnerability matches, but it does not affect matches that are suppressed manually. If you delete an auto-suppression rule and then import the Vulnerability Management asset model, the suppressed matches will no longer be suppressed except for those matches that were manually suppressed. To create a suppression rule, you must be an Administrator.
If a match has a workflow case associated with it, you cannot suppress that match.
To suppress (hide) a match by creating an auto-suppression rule:
-
Open the Cyber Integrity web interface.
-
Click Vulnerabilities > Management in the left navigation bar.
-
Click Suppression Rules. The Automated Suppression Rules window is displayed.
-
Click Add Rule.
-
Set the Vendor rule fields as desired, such as is equal to and Adobe.
-
If you want to suppress matches based on CVSS score, check CVSS Score, and then set those related fields.
-
If you want to suppress matches based on severity, check Severity, and then set those related fields.
-
Click Save Rule. The defined suppression rules are displayed.
-
If you want to disable a rule, clear the check box for the rule in the list.
-
If you want to delete a rule, hover over the rule in the list, and then click Delete.