# fleet
Mystery Incorporated
Is there a way to hide vulnerabilities? This vulnerability is pretty insignificant: it's a lack of iterations on the PBKDF2 key stretching algo, and the devs do not really see it as a thing, so I fear it's just going to sit there as a vuln indefinitely. I'd like to be able to hide it if possible?
koo
Hey @Mystery Incorporated, as far as I know, vulnerability processing happens on your Fleet instance and not on the host machine. With that said, I don't think you can filter out a vulnerability via query. However, you can turn off software inventory in your .yaml file, which will implicitly disable Fleet's vulnerability processing.
Mystery Incorporated
@koo thanks, but I understand that. What I mean is I want to hide that vulnerability from showing in Fleet.
defensivedepth
I think what @Mystery Incorporated is looking for is the next steps of vuln scanning / management -

```
I have validated this finding, and have decided to take the following action:

- Mark as Fixed
- Mark as "False Positive"
- Mark as "Risk Accepted"
- Mark as "Not Applicable"
```

Or something along those lines. Depending on what was decided, the UI should tag / filter as applicable.
Lucas Rodriguez
Hi folks, we are tracking this effort here: https://github.com/fleetdm/fleet/issues/3152
Mystery Incorporated
Yeah, pretty much. In my case with the Bitwarden CVE I'd be flagging it as risk acceptable.
Cool, thanks.
koo
Great, thanks @defensivedepth and @Lucas Rodriguez for pitching in. @Mystery Incorporated, I will keep a close eye on this one for you 🙂
Mystery Incorporated
OK, thanks.
defensivedepth
In case this helps: for our internal vulnerability management flow (not based on osquery directly, but still) we have:

- accept the risk (CVE never shows up again)
- accept risk for x days (CVE shows up again after; useful to lessen the noise, follow up later when less important, or wait to see how a CVE evolves)
- accept risk for these hosts/images (when the CVE isn't applicable to a subset of assets)

This has been working pretty well for us in the last few years. Maybe it helps here too!