Skip to content
  • There are no suggestions because the search field is empty.

How do I ignore or disable vulnerabilities?

Overview

Security Center allows you to ignore or disable vulnerabilities. These options are useful when:

  • A vulnerability is a false positive

  • The issue is already known and accepted

  • You need to temporarily remove a vulnerability from view

It is important to understand the difference between ignoring and disabling.

Ignore vs. disable. What’s the difference?

Ignore a vulnerability

  • Applies only to selected hosts or web applications

  • The vulnerability is hidden for those selected assets only

  • You can set an expiration date

  • When the expiration date is reached, you will be reminded to:

    • Fix the vulnerability, or

    • Extend the expiration

Recommended for temporary exceptions.

Disable a vulnerability

  • Applies to all hosts and web applications

  • The vulnerability is hidden globally

  • No expiration option

Recommended only when the vulnerability should never appear in your environment (for example, confirmed false positives).

Important notes

  • Ignored or disabled vulnerabilities are still tested during scans.

  • To completely stop a test from running, you must modify the scan profile for network or web application scanning.

How to ignore a vulnerability (specific hosts)

Follow these steps to ignore a vulnerability for one or more hosts:

  1. Log in to Security Center.

  2. Go to Vulnerabilities.

  3. Click Network & Web.

  4. Open the vulnerability you want to ignore.

  5. Select one or more hosts:

    • Check the box next to each host.

    • To select all hosts, check the top checkbox.

  6. Click Ignore.

  7. Select Ignore selected vuln(s).

  8. Choose a reason.

  9. (Optional) Set an expiration time.

  10. (Optional) Place a comment.

  11. Click Ignore to confirm.

The vulnerability is now ignored for the selected hosts.

How to disable a vulnerability (all hosts)

Follow these steps to disable a vulnerability globally:

  1. Log in to Security Center.

  2. Go to Vulnerabilities.

  3. Click Network & Web.

  4. Select one or more vulnerabilities from the list:

    • Check the box next to the vulnerability name.

  5. Click Ignore.

  6. Select Disable this vuln for all assets.

  7. Choose a reason.

  8. Click Disable to confirm.

The vulnerability is now disabled for all hosts and web applications.