Accepting vulnerability risk

You may not want or need to deal with every vulnerability on every node in your network. You can also tell Puppet Remediate not to report on selected vulnerabilities on individual hosts.

If a vulnerability is low-risk, you might decide to deal with the vulnerability at a later time. If you decide to accept the risk a reported vulnerability poses on a given node, you can instruct Remediate to stop reporting on that vulnerability on the selected node on via the Vulnerability detail page.

  1. Go to the Vulnerability detail page for the vulnerability you want to work on.
  2. Select the nodes you want Remediate to pause reporting on for the chosen vulnerability, and click Accept Risk.
    Information on the nodes you selected is provided in the table on this page. You can click Edit nodes to further refine your selection.
  3. On the Review and accept risk page that appears, enter a name in the Identifier field to help you identify the accepted risk later, and click Confirm accepted risk.

    Your acceptance of the risk for the given vulnerability on the selected nodes is displayed on the Accepted risks page.

    Use the Accepted risks page to view more information on the vulnerability and nodes associated with the accepted risk entries you have made. You can also delete accepted risks from this page.

    On deletion of an accepted risk, Remediate recommences reporting on that vulnerability on the relevant nodes.

    Note: You can also access the Accepted risks page by clicking Accepted Risks on the Metrics bar at the Vulnerabilities dashboard page.