Depending on the project or environment a vulnerability is found in, you might need to assign a different severity than the default to the finding.
A severity override is applied to a finding if specific elements of the finding meet matching rule criteria. For example, you have a master finding for a SQL injection attack with a default severity of high. Your organization requires that these findings in the HR business unit are a higher priority while those in the DMZ business unit are a lower priority. You can configure one rule that assigns a severity of critical to these findings in the HR business unit and another rule that assigns a severity of low to these findings in the DMZ business unit. Findings of this vulnerability are assigned the default severity of high for other business units.
Note: Severity overrides are configured independently from variations.
- From the top menu, select .
- Click the master finding entry.
- Click the Severity Overrides tab.
- Perform any of these tasks:
Task Steps Create a severity override
- Click Add Rule.
- Enter the rule name.
- In the Severity Dropdown area, click Add Severity, then select the severity.
- Use the conditional drop-down menus to select the source, condition, and value.
- (Optional) Click Add new condition and configure additional condition criteria.Note: Conditions are combined using logical AND.
- To remove a condition, click the delete icon ( ).
Activate or deactivate a severity override rule Locate the rule and click the Active Rule / De-active Rule toggle. Duplicate a rule Locate the rule and click the duplicate icon ( ). Delete a rule Locate the rule and click the delete icon ( ).
- Click Save Changes.