• Support
  • Forums
  • Blogs

Dealing with Vulnerabilities

crickard62crickard62

I am using USM v5.2.1 and I have several vulnerabilities that show up when scanning.  A perfect example is the DCE Services Enumeration.  I want to treat this is informational and exclude it from the scans.  I don't want to mark it as a false positive because technically it isn't.  How do I prevent it from showing up in future scans and how can I deal with the existing vulnerabilities that are present from my scans?

Share post:

Answers

  • Only option that I'm aware of is to mark it as a false positive. You may want to submit a feature request to AlienVault suggesting the option to modify risk values in the vulnerability database.
  • Thanks cmdex - so I clicked on the false positive flag (just to see how it worked) and it marked it alright but there is no warning before the system taking the action.  As far as I can tell, the vulnerability is completely non visible.  Is there someplace them I can go to "unmark" it?
  • Thanks cmdex - so I clicked on the false positive flag (just to see how it worked) and it marked it alright but there is no warning before the system taking the action.  As far as I can tell, the vulnerability is completely non visible.  Is there someplace them I can go to "unmark" it?
  • Crickard62,

    I believe the information which you are looking for can be found in the document linked below:

  • Thanks kcoe - that's exactly what I needed.  Thank you very much.


Sign In or Register to comment.