What is Noise?
These are findings that we deem informational, rather than actionable. We deliberately omit them from reports so as to focus your attention and resource on remediating the real weaknesses – the ones that if compromised, could pose a genuine risk to your security.
What kind of checks does it include?
They vary depending on the type of target you've added for scanning. For example, if you've included a laptop, you might find OS Identification and Device Hostname listed; where an external target might return results for Web Server Directory Enumeration and Host Fully Qualified Domain Name (FQDN) Resolution.
Where can I find it?
The name of the finding; a list of targets and ports scanned; a description and the reason why we have chosen to filter it as noise. As with normal issues, you can also review the raw scanner output by clicking on the 'Scanner Output' button
What's the main benefit of filtering noise?
Many vulnerability scanners will flood you with information on things that they have found out about your infrastructure (such as web server discovery, encryption types, etc.). Whilst this might look impressive, it doesn't help when you're looking for genuine security issues because there's too much noise.
Can I choose what gets filtered as Noise?
No, but you can trust us! Our security experts spend hours every week looking at different software, services and configurations to see what is robust enough to be exposed to the internet (filtered as informational noise), and what isn't meant to be there (flagged as an issue).