At Intruder we're all about making vulnerability management as easy as possible, which is why you have the option to 'snooze' issues/occurrences.
The snoozing concept
Why would I snooze something?
Perhaps we’ve identified a vulnerability that you don’t consider a problem because you’ve added mitigating controls; maybe you’re comfortable accepting the risk and want that reflected in reports or it could be as simple as – the issue is a false positive and doesn’t warrant further investigation.
What's the difference between snoozing an occurrence vs. the issue?
Snoozing at occurrence level
This will snooze a specific occurrence of an issue, such as one that occurred on a particular target, on a specific port:
80 and a specific path. We'll keep that occurrence snoozed for as long as it's present or until the specified deadline expires, whatever happens first.
Snoozing at issue level
This will snooze all current occurrences of that issue as well as all future occurrences until the specified deadline or the issue is no longer being detected.
Please note that issue snoozing overrides occurrence snoozing, so if you've snoozed an occurrence, then snoozed and un-snoozed the whole issue, all occurrences become un-snoozed.
Snooze an issue / occurrence
How do I snooze?
Head to the Issues page > Find the issue / occurrence and click the button.
Can I choose the reason for snoozing?
Yes, absolutely! Once you've clicked one of the buttons shown above, you can choose between accepting risk; marking it as a false positive or adding mitigating controls.
Whichever option you choose, you have the option to add a description under 'Details':
Note: As noted above, snoozing at the issue level will snooze all current occurrences of that issue as well as all future occurrences
Can I choose how long it's snoozed for?
Yes! You can choose between 3 months; 6 months; 12 months and forever.
Existing snoozed issues/occurrences
How can I read why something was snoozed and by whom?
If the user responsible has left a description, then yes! Just head to Snoozed issues > click the three dots next to Un-snooze > click '
Can I un-snooze?
At issue level
At Occurrence level
Snoozed + reports and stats
Are snoozed issues included in PDF reports?
Yes, they appear in a separate “snoozed” section but are not reflected in any of the graphs or stats on the first two pages.
Are snoozed issues included in dashboard stats?
Snoozed issues/occurrences will be removed from the dashboard, so they won't be reflected in the Cyber Hygiene score, the threat level, fix time charts or exposure over time graph. (If you don't seem them update, try refreshing the page.) To demonstrate:
The first graph is reflective of an account where there is one current critical issue:
In this graph, you'll notice that the critical issue has dropped off because it has since been snoozed:
Why would a snoozed issue move from
The target was deleted
The issue was manually remediated
The issue was automatically remediated (possibly via a software patch)
A defensive layer interfered with the scanner's ability to detect the issue
The server was responding inconsistently and the scanner couldn't verify the issue was still present.