Is there a way to hide vulnerabilities? This vulne...
# fleet
Is there a way to hide vulnerabilities? This vulnerability is pretty insignificant, it's a lack of iterations on the PBKDF2 key stretching algo and the devs do not really see it as a thing so it's just going to sit there as a vuln indefinitely I fear, so I'd like to be able to hide it if possible?
Hey @Mystery Incorporated, as far as I know, vulnerability processing happens on your Fleet instance and not on the host machine. With that said I don't think you can filter out vulnerability via query However you can turn off software inventory in your .yaml file which will implicitly disable Fleet's vulnerability processing.
@koo thanks but I understand that, what I mean is I want to hide that vulnerability from showing in fleet
I think what @Mystery Incorporated is looking for is the
next steps
of vuln scanning / management -
Copy code
I have validated this finding, and have decided to take the following action:

- Mark as Fixed
- Mark as "False Positive"
- Mark as "Risk Accepted"
- Mark as "Not Applicable"
Or something along those lines. Depending on what was decided, the UI should tag / filter as applicable.
Hi folks, we are tracking this effort here:
👍 1
Yea pretty much in my case with the Bitwarden CVE I’d be flagging risk acceptable in my case
cool thanks
Great thank @defensivedepth and @Lucas Rodriguez for pitching in. @Mystery Incorporated I will keep a close eye on this one for you 🙂
ok thanks
In case this helps: for our internal vulnerability management flow (not based on osquery directly, but still) we have: • accept the risk (cve never shows up again) • accept risk for x days (cve shows up again after, useful to lessen the noise, follow up later when less important, or wait to see how a cve evolves) • accept risk for these hosts/images (when the CVE isn't applicable to a subset of assets) This has been working pretty well for us in the last few years. Maybe it helps here too!