Reviewing Suppressed Vulnerability Matches - PAS ICS Integrity - 7.3 - Help - Intergraph

ICS Integrity Help

Language
English
Product
PAS ICS Integrity
Subproduct
ICS
Search by Category
Help
PAS Version
7.3

If you chose to suppress (hide) matches from the list on the Vulnerability Management window, you should periodically review those suppressed matches. You might recognize a pattern that will help you define a new matching rule that automatically filters out these types of matches. You might also identify a suppressed match that requires further investigation. In this case, you might choose to unsuppress the match. If you unsuppress a match, that match will be displayed even if an auto-suppression rule would suppress that match.

To review suppressed (hidden) vulnerabilities:

  1. Open the ICS Integrity web interface.

  2. Click Vulnerabilities > Management in the left navigation bar.

  3. Check the Show Suppressed check box. This option includes matches that are either manually suppressed or suppressed by an auto-suppression rule.

  4. In the Status column heading, click the Filter icon.

    user-vm-filter-hidden

  5. Set the filter to show matches with a Status equal to Suppressed. This status includes matches that are either manually suppressed or suppressed by an auto-suppression rule.

  6. Click Filter.

  7. If you want to unsuppress a vulnerability match, you can clear the Disposition value by selecting the vulnerability match and then clicking the Clear Disposition button. If a match has a workflow case associated with it, you cannot suppress it or clear the Disposition value. The workflow case controls the Disposition value.