At Intruder, we're all about making vulnerability management as easy as possible, which is why you have the option to 'snooze' issues/occurrences.
The snoozing concept
Why would I snooze something?
Perhaps we’ve identified a vulnerability that you don’t consider a problem because you’ve added mitigating controls, maybe you’re comfortable accepting the risk and want that reflected in reports, or it could be as simple as – the issue has been confirmed to be a false positive and doesn’t require action.
What's the difference between snoozing an occurrence vs. the issue?
Snoozing at the occurrence level
This will snooze a specific occurrence of an issue, such as one that occurred on a particular target, on a specific port: 80 and a specific path. We'll keep that occurrence snoozed for as long as it's present or until the specified deadline expires, whichever happens first.
Snoozing at the issue level
This will snooze all current occurrences of that issue as well as all future occurrences until the specified deadline or the issue is no longer being detected.
Please note that issue snoozing overrides occurrence snoozing, so if you've snoozed an occurrence, then snoozed and un-snoozed the whole issue, all occurrences become un-snoozed.
Snooze an issue/occurrence
How do I snooze?
Head to the Issues page > Find the issue/occurrence and click 'Actions'.
Snoozing at the issue level:
Snoozing at the occurrence level:
Can I choose the reason for snoozing?
Yes, absolutely! Once you've clicked one of the buttons shown above, you can choose between accepting risk, marking it as a false positive, or adding mitigating controls.
Whichever initial reason you choose, you have the option to add a description under 'Details':
Issue Level | Occurrence Level |
| 
|
Note: As noted above, snoozing at the issue level will snooze all current occurrences of that issue as well as all future occurrences |
|
Can I choose how long it's snoozed for?
Yes! You can choose between 1-365 days, 1-52 weeks, 1-12 months, or forever:
Existing snoozed issues/occurrences
How can I read why something was snoozed and by whom?
Yes! Just head to Snoozed issues > click Actions > click 'View snooze details':
On the pane that appears, you will see details relating to the reason and details for snoozing, when it was snoozed, by whom, and when it was snoozed until.
Can I un-snooze?
At the issue level
Of course. Simply head to Issues > Snoozed > click the issue > click Actions > click the Un-snooze button:
At the occurrence level
Again, of course you can! Simply head to Issues > Snoozed > click the issue > click the occurrence > click Un-snooze occurrence:
The impact of Snoozing on Reports & Account Metrics
Are snoozed issues included in PDF reports?
Yes, they appear in a separate “snoozed” section but are not reflected in any of the graphs or stats on the first two pages.
Are snoozed issues included in dashboard stats?
Snoozed issues/occurrences will be removed from the dashboard, so they won't be reflected in the cyber hygiene score, threat level, time to fix charts, or exposure over time graph. (If you don't see them update, then try refreshing the page.)
The following graph is reflective of an account where there is one current critical issue:
In this graph, you'll notice that the critical issue has dropped off because it has since been snoozed:
Why would a snoozed issue move from snoozed to fixed?
The target was deleted.
The issue was manually remediated.
The issue was automatically remediated (possibly via a software patch).
A defensive layer interfered with the scanner's ability to detect the issue.
The server was responding inconsistently, and the scanner couldn't verify that the issue was still present.