Managing Risks
Hexiosec ASM offers information about the attack surface of a domain or IP based on publicly available data. It provides insights into potential risks and vulnerabilities that are visible to the public. However, it's important to note that certain risks may have been mitigated through configuration or security mechanisms that are not detectable by Hexiosec ASM.
Each risk is assigned a severity rating of low, medium, high, or critical, refer to the Risk Severity Ratings guidance for more information on how these are categorised.
Not all roles have the ability to mark a risk as ignored.
In Hexiosec ASM, it is possible to ignore individual risks. By ignoring a risk, its details will still be retained in the scan, but it will be excluded from the overall results displayed. This allows you to customise and focus on the specific risks that are relevant to your needs.
To ignore a risk, first navigate to the Risks page from the sidebar. Find the risk you would like to ignore and click on the edit icon.
After selecting the 'ignored' check box, you will be prompted to enter a reason for marking the risk as ignored.
You can see the ignored risks in the scan from the 'Ignored' section on the Risks page.
To show the risk in scan results, reverse this process by deselecting the ignored checkbox.