Manage infrastructure vulnerability status

New Relic Security RX can detect vulnerabilities across your infrastructure hosts. While most vulnerabilities need remediation, some might not be applicable to your environment. For example, your internal policies might categorize them as low risk or limited exposure due to how your infrastructure uses the potentially vulnerable component.

For vulnerabilities you're not interested in tracking, you can set the Status to Ignored so they no longer appear in the UI. Since each vulnerability is tied to one or more hosts, you can:

Ignore individual vulnerabilities for a specific host
Ignore a vulnerability that appears across multiple hosts

You can always change the status from Ignored back to Affected if you decide a vulnerability is worth tracking again.

Sugerencia

Before you ignore a vulnerability, keep in mind that this change prevents other users with account access from seeing that vulnerability.

Ignore a vulnerability

When you choose to ignore a vulnerability, you'll be prompted to explain the rationale behind the decision. For example, you might say that the vulnerable code is not used on the host. We recommend that when you give this context, you also provide supplemental documentation when possible.

You'll also be prompted to set a duration for the Ignored status. Security RX will automatically change it from Ignored to Affected when the time period expires. If a vulnerability is already No Longer Detected, the status will remain no longer detected.

You can manually ignore vulnerabilities for specific hosts. Once you set the status to Ignored, we'll exclude this from the summary tiles and vulnerability list by default. Other instances of this vulnerability on other hosts will still keep the Affected status.

Go to one.newrelic.com > All capabilities > Infrastructure > (select a host)
In the left navigation, select Security
Click the Summary tab
Click the Vulnerabilities section
Select the vulnerability you want to ignore. If you don't see it, it might already have the Ignored status
Click the Change to ignored button
Fill out the form to explain the reasoning behind ignoring this vulnerability, including a time period

Go to one.newrelic.com > All capabilities > Security RX > Infrastructure
Click the Vulnerabilities tab. By default, this view filters to vulnerabilities where at least one host is marked Affected
Choose the vulnerability you want to ignore
In the Area of Impact section, select each host you want to ignore
Click the Change to ignored button
Fill out the form to explain the reasoning behind ignoring this vulnerability, including a time period

Restore ignored vulnerabilities

It's good practice to review ignored vulnerabilities and validate whether they should stay ignored. We recommend reviewing your vulnerabilities every 90 days to ensure you aren't introducing risk into your system.

If you change the status from Ignored to Affected for a specific host, that reintroduces the vulnerability into default views and counts against this host. Instances of this vulnerability on other hosts remain ignored.

Go to one.newrelic.com > All capabilities > Infrastructure > (select a host)
In the left navigation, select Security
Click the Summary tab
Click the Vulnerabilities section
Update the filter from Status = Affected to Status = Ignored. This displays all ignored vulnerabilities
Choose the vulnerability you want to update
Click Change to affected
Fill out the form to explain the reasoning behind changing this vulnerability to Affected

Go to one.newrelic.com > All capabilities > Security RX > Infrastructure
Click the Vulnerabilities tab
From the settings cog, click the Ignored checkbox. This adds an ignore column to your vulnerability table
Select a vulnerability with an Ignored count greater than 0
Update the filter from Status = Affected to Status = Ignored
In the Area of Impact section, select the hosts you want to mark Affected
Click Change to affected
Fill out the form to explain the reasoning behind changing this vulnerability to Affected

What's next?

Set up alerts

Get notified when infrastructure vulnerabilities are detected

Query security data

Track status changes and remediation metrics with NRQL

Manage infrastructure vulnerabilities

View infrastructure vulnerabilities across your entire organization

Manage infrastructure vulnerabilities from entities

Monitor vulnerabilities for specific hosts

Manage infrastructure vulnerability status

Sugerencia

Ignore a vulnerability

Ignore a vulnerability for a specific host

Ignore a vulnerability across multiple hosts

Restore ignored vulnerabilities

Remove ignored status for a specific host

Remove ignored status across multiple hosts

What's next?

Set up alerts

Query security data

Manage infrastructure vulnerabilities

Manage infrastructure vulnerabilities from entities

Manage infrastructure vulnerability status

Sugerencia

Ignore a vulnerability .css-21sua1{background:none;border:none;width:0;padding:0;}

Ignore a vulnerability across multiple hosts

Restore ignored vulnerabilities

Remove ignored status for a specific host

Remove ignored status across multiple hosts

What's next?

Set up alerts

Query security data

Manage infrastructure vulnerabilities

Manage infrastructure vulnerabilities from entities

Ignore a vulnerability