Rejecting a Severity Update

How to reject a severity update request in the RiskSense platform.

The severity update workflow provides organizations with the ability to update a vulnerability’s severity based on their own environment’s needs. The RiskSense platform provides an option to change a vulnerability’s severity using the Severity Update (SU) workflow.

Only managers and group managers can reject severity update requests.

To reject a severity update request, go to either the Network > Host Findings or Application > Application Findings pages. For this example, we will show you how to reject a severity update using the Application > Application Findings page.

Application Findings Menu Location-1

Select the severity update request findings you want to reject by clicking the check box in the page’s first column. You may select several vulnerabilities at a time for rejecting severity updates. If you are having trouble finding severity update requests, see Filtering for Severity Update Requests.

Severity Update Reject - Selecting Application Findings

Click the Workflow button.

Severity Update Reject - Workflow Button Location

In the Workflow drop-down menu, click Reject under the Severity Update category. This option can be used for single and multiple vulnerabilities.

Severity Update Reject - Severity Update Reject Menu Location

You may also select a single vulnerability and right click the line item to select workflow options from the pop-up menu. Note that using the right-click option only works for a single row, as designated in the screenshot below.

Severity Update Reject - Severity Update Reject Right Click Menu Location

Clicking Workflow > Severity Update > Reject brings up the Reject Severity Update window.

Severity Update Reject - Reject Severity Update Window

In the provided text box, enter the reason for rejecting the severity update request. Once complete, click Apply.

When a severity request is rejected, the severity update icons no longer appear on the finding.

Severity Update Reject - Rejected Severity Update