Skip to main content

Exposure Management

Scanner settings

Scanner settings lets you fine-tune how the built-in scanner's detection checks behave for your organization — without changing anyone else's results. You can hide a check that keeps flagging something you've accepted, raise or lower a finding's severity, or replace its title and remediation text with wording that fits your environment. These adjustments are called overrides.

Scanner settings is an administrative screen. Only users who can manage scanner settings can view and change overrides; every change is recorded for audit.

What it's for

  • Quiet the noise — suppress a check that repeatedly reports something you've reviewed and accepted.
  • Right-size severity — override a check's severity so it matches the real risk in your environment.
  • Speak your language — replace a check's title or remediation with text that reflects your own systems and procedures.
  • Aim precisely — apply an override to every asset, or scope it to a single asset group.

The screens in it

Scanner settings is a single screen: a filter row above a table of your existing overrides, with a form for creating and editing them.

Scanner settings — the overrides table with its filter row

Controls

The header

ControlWhat it does
RefreshReloads the list of overrides.
New overrideOpens the form to create a new override.

The filter row

FilterWhat it narrows to
SearchMatches text against the check ID, the raw asset-group ID, and the reason — not the asset group's display name, so searching for a group by its name won't find overrides scoped to it.
ScopeAll overrides, only those that apply to everything, or only those scoped to an asset group.
Asset groupA specific asset group.
SuppressedAll overrides, only suppressed ones, or only non-suppressed ones.
StatusActive and expired together, only active, or only expired.

A note beneath the table shows how many overrides you're viewing out of the total. When your filters match nothing, the screen tells you plainly and offers to clear the filters.

The overrides table

Each row is one override. Expired overrides are shown but visually dimmed — they stay in the list for review but are ignored when scans run.

ColumnWhat it shows
Check IDThe detection check the override applies to.
ScopeWhether it applies to everything or to a named asset group.
StatusActive or Expired.
SuppressedWhether findings from this check are hidden.
SeverityThe severity the override forces, if any.
Title overrideReplacement title, if set.
RemediationReplacement remediation text, if set.
ReasonWhy the override exists.
ExpiresWhen the override stops applying, if an expiry is set.
UpdatedWhen the override was last changed.
Edit / DeleteReopen the override to change it, or remove it.

The override form

New override and Edit open the same form.

FieldWhat it does
Check IDThe detection check to adjust. Required. On an existing override this can't be changed.
Asset groupLeave as Tenant-wide to apply the override to every asset, or choose a group to scope it.
SuppressedHides every finding from this check when scans run. Turning this on requires a reason.
Early accessOpts your organization in to preview content for this check. It doesn't change how findings are evaluated.
Severity overrideForces a severity for the check's findings, or leave as None to keep the advised severity.
Expires atAn optional date and time after which the override stops applying.
Title overrideOptional replacement for the check's title.
Remediation overrideOptional replacement for the check's remediation text.
ReasonWhy you're making this change — required when suppressing, and recorded either way so other administrators understand it.

When editing, only the fields you actually change are saved, so untouched values are preserved.

Other WeaverScan administration areas

Scanner settings shares its home under Admin > WeaverScan with a few other configuration screens:

  • Blackout Windows — maintenance periods during which scans are held back from running, so scanning doesn't collide with a change freeze or a maintenance window.
  • Policies — scan policy templates, check families, and compliance benchmark profiles that scans and assessments are built from.
  • Target Groups — named groups of targets you can reuse across scans and overrides, including as the Asset group scope for an override above.
  • Report Settings — branding and default content for a scan's HTML exports: a Company Name and Logo URL, plus toggles for which sections appear — Executive Summary, Risk Overview, Finding Details, Remediation Plan, Host Inventory, and Compliance Status. See Export formats for where these sections show up.

Common workflows

Workflow: suppress a noisy check

  1. Click New override.

    Step 1 — the new override form
  2. Enter the Check ID of the check you want to quiet.

  3. Leave the scope as Tenant-wide (or pick an asset group to limit it), turn on Suppressed, and enter a reason explaining why.

    Step 2 — suppressing a check with a reason
  4. Click Create override. The check's findings no longer appear on new scans, and the override shows as Active in the table.

Workflow: change a finding's severity

  1. Click New override and enter the Check ID.
  2. Set Severity override to the level that matches your real risk.
  3. Optionally add a reason so others understand the change, then click Create override.

Workflow: scope an override to one asset group and set an expiry

  1. Create or Edit an override.
  2. Set Asset group to the group it should apply to.
  3. Set Expires at to the date the adjustment should stop — useful for a temporary exception.
  4. Save. After the expiry passes, the override is dimmed and ignored, but stays in the list for you to review or remove.