Nexpose: Vulnerability Exceptions

Vulnerability Exceptions

An exception defines a scenario where it is acceptable for a vulnerability to exist. When you define an exception for a vulnerability, you exclude it from a report and consider the vulnerability as an accepted risk. For example, you may want to define an exception for a vulnerability that poses minimal security risk but requires more resources than you want to invest. In this particular case, it may be more cost-effective to accept the vulnerability as a known risk than to remediate it.
When you import Nexpose data or perform a Nexpose scan, Metasploit Pro pulls the exception data for the vulnerability and stores it in the project. After you test and verify the vulnerabilities, you may want to use the results of the penetration test to update the vulnerability exception for each asset. Use the Nexpose Exception Push feature in Metasploit Pro to create and approve vulnerability exceptions for an asset.
After you define the exceptions, you can export, or push, the vulnerability exceptions from Metasploit Pro to Nexpose. The Nexpose Console displays the updated vulnerability exception information on the Asset Summary page.
Note: