New Relic Security RX can detect vulnerabilities across your applications. While most vulnerabilities need remediation, some might not be applicable to your environment. For example, your internal policies might categorize them as low risk or limited exposure due to how your application uses the potentially vulnerable component.
For vulnerabilities you're not interested in tracking, you can set the Status to Ignored so they no longer appear in the UI. Since each vulnerability is tied to one or more applications, you can:
- Ignore individual vulnerabilities for a specific application
- Ignore a vulnerability that appears across multiple applications
You can always change the status from Ignored back to Affected if you decide a vulnerability is worth tracking again.
Tip
Before you ignore a vulnerability, keep in mind that this change prevents other users with account access from seeing that vulnerability.
Ignore a vulnerability
When you choose to ignore a vulnerability, you'll be prompted to explain the rationale behind the decision. For example, you might say that the vulnerable code is not used in the application. When you give this context, we recommend that you also provide supplemental documentation where possible.
You'll also be prompted to set a duration for the Ignored status. Security RX will automatically change it from Ignored to Affected when the time period expires. If a vulnerability is already No Longer Detected, its status will remain No Longer Detected.
Restore ignored vulnerabilities
It's good practice to review ignored vulnerabilities and validate whether they should stay ignored. We recommend reviewing your vulnerabilities every 90 days to ensure you aren't introducing risk into your system.
If you change the status from Ignored to Affected for a specific application, that reintroduces the vulnerability into default views and counts against this application. Instances of this vulnerability on other applications remain ignored.
What's next?
- Set up alerts: Get notified when application vulnerabilities are detected
- Query security data: Track status changes and remediation metrics with NRQL
- Understand prioritization: Learn how application vulnerabilities are ranked by risk
- Manage organization vulnerabilities: View application vulnerabilities across your entire organization