When scanning your systems using automated vulnerability scanners, these scanning engines will sometimes identify issues that are false positives. Similarly, your business might be fine with accepting the risk on an issue, or not see it as a problem because you have added mitigating controls.
At Intruder we're all about making vulnerability management as easy as possible, which is why you can now 'snooze' issues within our portal.
How does it work?
If for any of the above reasons there is an issue you do not want to keep appearing in your scan results, simply hit the snooze button, select a reason for snoozing this issue and a time period for how long we should snooze the issue for. That issue will be removed from your issues in the portal and PDF report (although you can still see it in the separate 'snoozed' sections) until the deadline expires, when it will pop back up ready for you to re-examine. Of course you can also un-snooze issues at any time.
In detail, snoozing works at two different levels:
At the issue level
This will snooze all current occurrences of that issue "Strict Transport Security HTTP Header Not Set" and, it will automatically snooze all future occurrences of that issue until the specified deadline ("Snooze until"). So you won't see it again on any target or port until the deadline expires.
At the individual occurrence level
Use this to snooze a specific occurrence of an issue, such as one that occurred on a particular target "126.96.36.199" and on port 80. We'll keep that occurrence snoozed as long as it appears in your assessments or until the specified deadline expires, whatever happens first.
Also, note that issue snoozing overrides occurrence snoozing, so if you've snoozed an occurrence, then snoozed and un-snoozed the whole issue, all occurrences become un-snoozed.
Note: The snooze functionality is only available for customers on our Pro and Verified plans.