Skip to main content
Snoozing issues/occurrences

'Snooze' issues by marking them as false positive, accepting the risk, or because you've added mitigating controls

Naomi Purvis avatar
Written by Naomi Purvis
Updated over a week ago

At Intruder we're all about making vulnerability management as easy as possible, which is why you have the option to 'snooze' issues/occurrences.

The snoozing concept

Why would I snooze something?

Perhaps we’ve identified a vulnerability that you don’t consider a problem because you’ve added mitigating controls; maybe you’re comfortable accepting the risk and want that reflected in reports or it could be as simple as – the issue is a false positive and doesn’t warrant further investigation.

What's the difference between snoozing an occurrence vs. the issue?

Snoozing at occurrence level

This will snooze a specific occurrence of an issue, such as one that occurred on a particular target, on a specific port: 80 and a specific path. We'll keep that occurrence snoozed for as long as it's present or until the specified deadline expires, whatever happens first.

Snoozing at issue level

This will snooze all current occurrences of that issue as well as all future occurrences until the specified deadline or the issue is no longer being detected.

Please note that issue snoozing overrides occurrence snoozing, so if you've snoozed an occurrence, then snoozed and un-snoozed the whole issue, all occurrences become un-snoozed.

Snooze an issue / occurrence

How do I snooze?

Head to the Issues page > Find the issue / occurrence and click the button.

Snoozing at issue level:

Or at occurrence level:

Can I choose the reason for snoozing?

Yes, absolutely! Once you've clicked one of the buttons shown above, you can choose between accepting risk; marking it as a false positive or adding mitigating controls.

Whichever option you choose, you have the option to add a description under 'Details':

Issue Level

Occurrence Level

Note: As noted above, snoozing at the issue level will snooze all current occurrences of that issue as well as all future occurrences

Can I choose how long it's snoozed for?

Yes! You can choose between 3 months; 6 months; 12 months and forever.

Existing snoozed issues/occurrences

How can I read why something was snoozed and by whom?

If the user responsible has left a description, then yes! Just head to Snoozed issues > click the three dots next to Un-snooze > click 'View details':

On the pane that appears, you will see details relating to the reason and details for snoozing, when it was snoozed, by whom and when it was snoozed until.

Can I un-snooze?

At issue level

Of course. Simply head to Issues > Snoozed > click the Un-snooze button:

At Occurrence level

Again, of course you can! Simply head to Issues > Snoozed > Click the issue in question > scroll down to the occurrence and hit Un-snooze occurrence

Snoozed + reports and stats

Are snoozed issues included in PDF reports?

Yes, they appear in a separate “snoozed” section but are not reflected in any of the graphs or stats on the first two pages.

Are snoozed issues included in dashboard stats?

Snoozed issues/occurrences will be removed from the dashboard, so they won't be reflected in the Cyber Hygiene score, the threat level, fix time charts or exposure over time graph. (If you don't seem them update, try refreshing the page.) To demonstrate:

The first graph is reflective of an account where there is one current critical issue:

In this graph, you'll notice that the critical issue has dropped off because it has since been snoozed:

Why would a snoozed issue move from snoozed to fixed?

  • The target was deleted

  • The issue was manually remediated

  • The issue was automatically remediated (possibly via a software patch)

  • A defensive layer interfered with the scanner's ability to detect the issue

  • The server was responding inconsistently and the scanner couldn't verify the issue was still present.

Did this answer your question?