How to reject a severity update request in the RiskSense platform.
The severity update workflow provides organizations with the ability to update a vulnerability’s severity based on their own environment’s needs. The RiskSense platform provides an option to change a vulnerability’s severity using the Severity Update (SU) workflow.
Only managers and group managers can reject severity update requests.
To reject a severity update request, go to either the Network > Host Findings or Application > Application Findings pages. For this example, we will show you how to reject a severity update using the Application > Application Findings page.
Select the severity update request findings you want to reject by clicking the check box in the page’s first column. You may select several vulnerabilities at a time for rejecting severity updates. If you are having trouble finding severity update requests, see Filtering for Severity Update Requests.
Click the Workflow button.
In the Workflow drop-down menu, click Reject under the Severity Update category. This option can be used for single and multiple vulnerabilities.
You may also select a single vulnerability and right click the line item to select workflow options from the pop-up menu. Note that using the right-click option only works for a single row, as designated in the screenshot below.
Clicking Workflow > Severity Update > Reject brings up the Reject Severity Update window.
In the provided text box, enter the reason for rejecting the severity update request. Once complete, click Apply.
When a severity request is rejected, the severity update icons no longer appear on the finding.