Reject a vulnerability

FACT helps you see where vulnerabilities are believed to be present in your products. But not all vulnerability associations will be correct.

Although FACT’s advanced AI was designed to reduce false positives, it’s possible that some will creep into your product files. FACT enables you to easily reject any false positives on your own product files as part of your vulnerability management procedures.

A vulnerability is associated with a product file component: either the root file or one of its subcomponents. So when you reject a vulnerability association, you need to select both a vulnerability and a component. By rejecting the association, you’re saying that the correlation between the vulnerability and the selected component(s) is incorrect.

If a vulnerability exists in your product but is not exploitable, don’t reject the vulnerability association. The appropriate course of action is to create an exploit assessment.

  1. In the sidebar, select Files > Product Files.
  2. Choose how you want the product files displayed: Group By Product or List All Files.
  3. Locate the product file whose vulnerabilities you want to view.

     Search Tip

    Use the filter and search features to display a set of files with specific attributes or to help locate a particular file. See Filter and search for files for full instructions on using these features.

    You can also use the links in the Vulnerabilities box on the Visibility Report dashboard to display a pre-filtered list of files.

  4. Click a file name or the file's score to open the information window.
    The Analysis Results tab displays general information on the selected product file, including vulnerabilities.
  5. Click Manage Vulnerabilities in the Vulnerabilities box.

    VulnerabilitiesBox_FileDetails.png

    The Vulnerabilities tab displays the vulnerabilities associated with the selected file. The vulnerabilities are sorted by their status: Unassigned, Under Investigation, Affected, Not Affected, and Fixed.
  6. Select a tab to display the vulnerabilities you're interested in.
    When rejecting a vulnerability association, you'll likely want to view the vulnerabilities on the Unassigned tab or the Affected tab.
  7. Change the confidence level to adjust the number of vulnerability associations displayed.
    False positives usually have a low confidence level.
  8. In the Grouped Vulnerabilities section, select how you want to view the vulnerabilities: Product, Component, All.
    See the article View the vulnerabilities associated with a file for a detailed description of these viewing options.
  9. Move through the panels from left to right to drill deeper into a vulnerability association.
    There is clickable content in the Grouped Vulnerabilities section that displays additional information without you needing to leave the information window. Make use of this information to assess both the file and the associated vulnerability.

     Tip

    Since false positives tend to have a lower confidence value, use the sort feature on the Confidence column to display the components with the lowest confidence value at the top of the list.

    Vulnerabilities_SortByConfidence.png

  10. Using the check boxes, select the vulnerability and component(s) whose association you want to reject.
    You can select multiple vulnerabilities (and associated component(s)) to perform several rejections at once.

     Important

    Exercise caution when rejecting vulnerabilities on components that your organization doesn't own. FACT's AI learns from vulnerability rejections and your changes could affect future scans.

    A panel opens above the Grouped Vulnerabilities section. It indicates the number of vulnerabilities and components you have selected to reject.
  11. Click Reject.
    A message prompts you to confirm the rejection.
  12. Optionally, enter a reason for rejecting the vulnerability association(s).
  13. Click Yes, reject to confirm the rejection.
    A message confirms that the rejection was successful. FACT refreshes the Grouped Vulnerabilities panel. It may take a few minutes for FACT to update the file score.
