I want to create own vulnerability sets with some vulnerabilities disabled because they are not relevant or there's no patch available. But now I'm worrying that, if I create a vulnerability sets and new vulns are discovered, will the list automatically be updated so that all new vulns are also scanned?
How can I configure this?
I'm thinking the vulnerability list is linking to the FASL check numbers. If those FASL checks are updated, your selection should be updated. However, if new FASL checks are added to the database from updates, then they would need to be added to your scan profile manually. You could consider the process a selective approval, but maintaining this would be an ongoing effort of adding and removing FASL checks if you want it targeted to only mandatory checks.