Zero risk vulnerabilities

There is a special treatment that you can give to any reported vulnerabilities which is called zero risk, which means that according to analysis and consideration taken by your organization, this vulnerability poses no threat. In order to make a Zero Risk request you can take the same steps taken to assign a normal treatment.

After choosing to give a Zero Risk treatment to the selected vulnerability you only need to add a treatment justification, this information will be used by us to consider whether the vulnerability actually poses no threat at all, in which case the vulnerability will be deleted, however, if we still consider there is a risk, then it will remain reported.

You can also apply Zero Risk to several locations simultaneously by selecting them in the check box on the left side and clicking the edit button.

There you select the treatment, giving a single justification for all the locations you selected.