Assume vulnerabilities for limited time

Currently, a user could assume a vulnerability for ALL time, forever. The request is to change this and forced to choose a time window for the acceptance of the vulnerability.

This feature request opens new questions:

  • Options: 1 month? Three months? or a specific date (recommended).
  • Could options include forever? Or just a date very far away on time? (recommended)

Thanks in advance

1 Like

The finding should be assumed asking for a specific date, once this date is reached, the treatment should return to new so this would be considered by asserts and starts breaking the build

The option should not include forever, just a specific date with no time restrictions so they can assume for long periods of time.

From this perspective, is this a feature for 2 products and the underlying implication of his integration?

I think once the treatment changes on integrates there’s no need to change anything in asserts, by not having the vulnerability assumed, asserts will automatically consider its validation and break the build

I mean that until today asserts does not communicate automatically with integrates to extract any information via API. Today exploit mapping and activation is created via manual confirmation. In that way, I am referring to the integration asserts-integrates.