2 Replies Latest reply: Jan 9, 2013 3:40 AM by ritch RSS

    Stale Vulnerabilities

    ritch

      Hi All

       

      Does anyone know how to get rid of stale vulnerabilities from old scans, I have set up the database maintenance to purge jobs, tickets etc. after aq mximum of 90 days but still have vulnerabilities in the database that are over a year old!

       

      I would like to remove them from the reporting if at all possible and ideally remove them from the database.

       

      Cheers

       

      Ritch

        • 1. Re: Stale Vulnerabilities

          Hi Ritch,

           

          The maintenance task to remove vulnerabilities after 90 days only applies to remediated vulnerabilities.  My best guess would be that you no longer scan for these vulnerabilities or have chosen not to remediate them.  We do not remove vulnerabilities once they are discovered...unless they have been found 'not vulnerable'.

           

          If you are using ticketing you can set the ticket to ignored so that the vulnerability will not show in scan reports.  Another option would be to delete the asset from the Manage -> Assets screen and re-scan the asset with only the vulnerabilities that you wish to report on moving forward. 

           

          If the above assumptions are not the case...please feel free to clarify.

           

          Jen 

          • 2. Re: Stale Vulnerabilities
            ritch

            Hi Jen

             

            Thanks for your reply. I don;t believe that I am no longer scanning for a particular vulnerability but suspect what has happened is this :-

             

            Scan A was set up with a range R1-R3

            Scan B was set up with an OVerlap R2-R3 with different settings.

             

            Scan B has now been deleted so will never clear the vulnerability, Scan A is still running and not showing up the vulnerabilities (but I think is still scanning for them).

             

            Using the ticket system isn't really an option as from what I understand it doesn't stop the vulnerabilities from being reported in Custom Reports?

             

            To give you an idea of size of my problem - I have nearly 1000 Assets with 28,000 stale vulnerabilities on them.

             

            I have raised an SR for this but it does seem to be a bit of a limitation in the product.

             

            Ritch