To resolve specific security findings:
-
Navigate to Security Findings > All Findings on the left-hand navigation and make sure you are on the Active Tab
-
Under the Actions column, click Resolve for the security finding group you want to resolve. You can also select the security finding itself and hit the Resolve button on the side panel that pops out.
- For critical security finding:
- Click on Resolve button
-
Select the reason for how the issue was fixed and hit Resolve.
-
If its a scannable type finding, you will know if the resolution was successful within 1 business day and you will be informed via email.
- For some specific security findings, we cannot confirm the resolution via compensating controls like MFA. For such security findings, we have a forth option to attest to a compensating control. Our security support team will review such requests and you can check if the resolution was successful in "resolved" tab usually within 72 hours.
- For high / medium / low security finding:
- Click on Resolve button
- Select the most appropriate option for resolution:
- Fixed the Issue
- Create an exception if you Accepted Risk, its a Third Party Risk or its False Positive
- Fixed the Issue
- Continue on the respective flows.
- Note: If fixed the issue, the finding will show up in Resolved tab and if you created an exception, the finding will show up in Exceptions tab.
What happens after you resolve a security finding?
- The security finding for that asset will no longer appear on your future scans
- We will stop alerting you about it if it was a critical security finding
- Risk Score and Scan History will be updated appropriately.
- You can find the resolved findings and exceptions on the respective tabs.
- You can track of all critical resolution requests in the Critical Resolution Request Log
If we detect this finding again on a different asset, only then will we alert you (if the finding is critical).