mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-18 20:03:40 +00:00
Added exception details
This commit is contained in:
Dulce Montemayor
GitHub
@ -51,7 +51,37 @@ You also have the option to export all remediation activity data to CSV for reco
|
|||||||
|
|
||||||
The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task.
|
The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task.
|
||||||
|
|
||||||
However, if the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The exceptions you've filed will also show up in the **Remediation** page, in the **Exceptions** tab.
|
## When to file for exception instead of remediating issues
|
||||||
|
You can file exceptions to exclude certain recommendation from showing up in reports and affecting risk scores or secure scores.
|
||||||
|
|
||||||
|
When you select a security recommendation, it opens up a flyout screen with details and options for next step. You can either **Open software page**, choose from **Remediation options**, go through **Exception options** to file for exceptions, or **Report inaccuracy**.
|
||||||
|
|
||||||
|
Select **Exception options** and a flyout screen opens.
|
||||||
|
|
||||||
|
|
||||||
|
###Exception justification
|
||||||
|
If the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason.
|
||||||
|
|
||||||
|
Compensating/alternate control - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall prevents access to a machine, third party antivirus
|
||||||
|
Productivity/business need - Remediation will impact productivity or interrupt business-critical workflow
|
||||||
|
Accept risk - Poses low risk and/or implementing a compensating control is too expensive
|
||||||
|
Planned remediation (grace) - Already planned but is awaiting execution or authorization
|
||||||
|
Other - False positive
|
||||||
|
|
||||||
|
|
||||||
|
###Exception visibility
|
||||||
|
The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab.
|
||||||
|
However, you also have the option to filter your view based on exception justification, type, and status.
|
||||||
|
|
||||||
|
|
||||||
|
###Actions on exceptions
|
||||||
|
- Cancel - You can cancel the exceptions you've filed any time
|
||||||
|
- Resurface - The exception that you've filed automatically becomes void and resurfaces in the security recommendation section when dynamic environmental factors change, which adversely affect the exposure impact associated with a recommendation that had previously been excluded
|
||||||
|
|
||||||
|
###Exception status
|
||||||
|
- Cancelled - The exception has been cancelled and is no longer in effect
|
||||||
|
- Expired - The exception that you've filed is no longer in effect
|
||||||
|
- In effect - The exception that you've filed is in progress
|
||||||
|
|
||||||
## Related topics
|
## Related topics
|
||||||
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
|
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
|
||||||
|
|||||||
Reference in New Issue
Block a user