Managing Risks

hexiosec asm offers information about the attack surface of a domain or ip based on publicly available data it provides insights into potential risks and vulnerabilities that are visible to the public however, it's important to note that certain risks may have been mitigated through configuration or security mechanisms that are not detectable by hexiosec asm each risk is assigned a severity rating of low, medium, high, or critical, refer to the risk severity ratings guidance for more information on how these are categorised ignoring risks not all roles have the ability to mark a risk as ignored in hexiosec asm , it is possible to ignore individual risks by ignoring a risk, its details will still be retained in the scan, but it will be excluded from the overall results displayed this allows you to customise and focus on the specific risks that are relevant to your needs to ignore a risk, first navigate to the risks page from the sidebar find the risk you would like to ignore and click on the edit icon after selecting the 'ignored' check box, you will be prompted to enter a reason for marking the risk as ignored you can see the ignored risks in the scan from the 'ignored' section on the risks page to show the risk in scan results, reverse this process by deselecting the ignored checkbox