Hi All, 

We have a critical CVE (Defender Portal) on a system that is no longer in operation. Now I want the CVE to no longer appear in the dashboard under “Weaknesses”.
So I have manually tagged the system as “Decommissioned” and built a device group “Decommissioned” based on the tag.
As far as I know, you can only set the “Exceptions” to “Security Recommendations” globally or on Device Groups.
So I set an exception on the “Recommendation” related to the device group.
However, the vulnerability is still displayed under “Weaknesses”.

My hope was that the vulnerability would be removed from the overview so that I would see fewer false positives.

My guess is that since the Security Recommendations contain a total of 55 CVEs, the process is not working as expected.

How do you handle Exceptions in the Dashboard/Overview?

Thanks for the help.

​Hi All, We have a critical CVE (Defender Portal) on a system that is no longer in operation. Now I want the CVE to no longer appear in the dashboard under “Weaknesses”.So I have manually tagged the system as “Decommissioned” and built a device group “Decommissioned” based on the tag.As far as I know, you can only set the “Exceptions” to “Security Recommendations” globally or on Device Groups.So I set an exception on the “Recommendation” related to the device group.However, the vulnerability is still displayed under “Weaknesses”. My hope was that the vulnerability would be removed from the overview so that I would see fewer false positives.My guess is that since the Security Recommendations contain a total of 55 CVEs, the process is not working as expected.How do you handle Exceptions in the Dashboard/Overview? Thanks for the help.  Read More

​