AnsweredAssumed Answered

ESA False-Positive Suppression on Known Authorized Scanners

Question asked by RSA Admin Employee on Sep 20, 2014
Latest reply on Sep 23, 2014 by Sean Koniarz


I am interested to hear how other people are suppressing ESA alerts from authorized vulnerability scanners.  It would be nice to have a global configuration so we don't to modify every alert rule.

 

We are tinkering with feeds, and adding meta data to exclude in rules, but are not having much luck.

 

Thanks.

Outcomes