Exclusions

Exclusions can be used to hide risks and vulnerabilities that you are already aware of and therefore do not want Snow Risk Monitor to flag.

Description

A device might for example contain an application that has reached end-of-life and cannot be patched, but the risk is mitigated by firewalls and anti-malware on the device. Since you are aware of the problem and the risk has been mitigated, it does not have to be flagged anymore. You can then create an exclusion for the application on the device.

Or, a device might be flagged as containing a vulnerability, even though you know that a patch has been installed solving the issue. You can then create an exclusion for the vulnerability on the device.

Exclusions can be created for the following items, separately or in combination:

  • Applications

  • Vulnerabilities (CVE ID)

  • Users

  • Devices

The data related to the excluded items or item combinations will be excluded from all dashboards.

You can temporarily show the excluded data on a dashboard by using the Excluded data section on the Filters pane, see Manage exclusions.

Exclusions need to be handled with caution to avoid unexpected results. For example, if a vulnerable application is excluded completely from all dashboards, because the risks associated with it has been mitigated on all devices it is currently installed on, you will not be able to see if the application is installed on any new devices in the future.