Accept a vulnerability

You can choose to accept an identified risk rather than fixing or mitigating the vulnerability. Changing the state of a risk to Accepted removes that risk from the risk score calculation. The risk remains in the Risks table for as long as it is detected on the network.

Arctic Wolf® recommends that you mitigate or fix risks to improve your security posture, instead of accepting them. Accepting a risk does not make the risk go away, so bad actors could still take advantage of the vulnerability.

If the risk is a false positive, you should apply the False Positive state to the risk to remove the risk from the risk score calculation.

Note:

When a risk is marked as Accepted or False Positive, the risk score is not updated immediately. It takes about 1 hour for the system to process and display the changes.

  1. Sign in to the Risk Dashboard.
  2. In the navigation menu, click Risks.
  3. In the Risks table, click the risk that you want to update.

    The information pane opens.

    Tip:

    Use the Search bar to limit the results.

  4. In the information pane, in the State list, select Accepted.
  5. In the prompt, enter a detailed justification description.
  6. Click Accept.

    Your changes are automatically saved.