Changing the Vulnerability Ticket Threshold

Applies to Product: USM Appliance™ AlienVault OSSIM®

As discussed in the Vulnerability Risk Factors, USM Appliance sets a threshold for vulnerabilities and generates a ticket automatically whenever the detected vulnerability surpasses the threshold.

The values of the Vulnerability Ticket Threshold field are Info, Low, Medium, High, and Disabled. The default value is Low, but this is user-configurable. If you set the threshold to Disabled, USM Appliance will not open any ticket when it detects a vulnerability.

You can change the threshold from the following locations:

  • Configuration > Administration > Main > Vulnerability Scanner
  • Environment > Vulnerabilities > Overview > Settings

To change the vulnerability threshold setting from Configuration

  1. Go to Configuration > Administration > Main > Vulnerability Scanner.

    Main page with Vulnerability Scanner selected.

  2. Select a value from the Vulnerability Ticket Threshold list.
  3. To save the change, click Update Configuration.

To change the vulnerability ticket threshold from Environment

  1. Go to Environment > Vulnerabilities > Overview > Settings.

  2. From the Settings dialog box, select the appropriate threshold value from the Vulnerability Ticket Threshold list.

    Settings dialog box with Vulnerability Ticket Threshold list selected.

  3. Click Update.