This report helps evaluate the accepted risk posed by approved Exception Requests and Ignored/acknowledged vulnerabilities from connectors, adding business context, and helping the security team operate around the Risk Exception and Compliance policies.

The analytics in this report is based on the Exception Requests in "Approved" status only. You can view the list of Exception Requests in the Approved state by going to the Exceptions page and scrolling down to the "Approved" status.

First, make sure you cover the Analytics Filters and Data Drilling to learn about the expected behavior of the trends and presented data.

The count of “Approved” exception requests in the selected Period. Note that the count on this widget might slightly differ from the count of “Approved” on the Exception page due to the difference in data sync times.

The count of all vulnerability instances existing in all “Approved” Exception Requests in the selected Period. Note that an exception request usually contains more than one vulnerability instance. Therefore, the number here is usually larger than the number in the Exception Requests count widget on the left.

The count of unique vulnerabilities in all “Approved” exception requests. Note that a unique vulnerability can contain several vulnerability instances. Therefore, the number here is always larger than the number in the Vulnerability Instances widget on the left.

The average age in days of all vulnerability instances in “Approved” Exception Requests. This calculation is based on the date under the “First Seen” column of each vulnerability instance. To calculate the age of a vulnerability instance: Today’s date - “First Seen” date = Age in days.

The Risk Mass of all vulnerability instances in “Approved” Exception Requests, out of the total Risk Mass in the organization. To view the total Risk Mass, go to Dashboard page > Risk Mass widget.

The count of Exploitable Vulnerability Instances in both of “Approved” Exception Requests and in “Ignored/acknowledged” (connector-generated). Exploitable vulnerability instances have the threat tag "Exploitable".

The count of Exception Requests, assorted by Exception Request Type, on a given Expiration date. Hover over an expiration date to view the Exception Request count and types that expired (or will expire) on that date. The Expiration date is a non-mandatory option defined when creating an Exception Request.
​

The count of Vulnerability Instances, for which Exception Requests were approved during the 1st, 2nd, or final third of the SLA timeframe. This widget helps users understand when an exception request for a vulnerability instance was approved in the SLA policy timeframe. For example, if an exception request for a vulnerability instance was created and approved during the 1st third of the SLA, a count will appear next to “Beginning of SLA”. If an Exception Request was approved for a vulnerability instance that already exceeded SLA (AKA, exceeded the SLA timeframe), a count will appear next to “Exceed SLA”. This widget counts only vulnerabilities that were Ignored/acknowledged (i.e., exception approved) through the Exception Requests process.
​

The count of Exception Requests in “Approved” state, assorted by Exception Request Type, at a given date. Each organization defines its Exception Request Types (Settings > Exceptions > Exception Request Types). Hover over a point in time to view the Exception Requests count assorted into Types.

The count of Exception Requests in “Approved” and “Ignored/acknowledged” status, assorted by Exception Request Type, at a given date. Each organization defines its Exception Request Types (Settings > Exceptions > Exception Request Types). Hover over a point in time to view the Exception Requests count assorted into Types. This widget also counts “Ignored/acknowledged” vulnerabilities.

The total number of Vulnerability Instances with Exception Requests assorted by Risk Level.
​

Risk Mass distribution of Exception Requests assorted by Risk Level.

Count of Unique Vulnerabilities in Exception Requests assorted by Asset type.

Count of Vulnerability Instances with Exception Requests assorted by Risk Level per each Business Group.

Count of Exception Requests assorted by associated Business Groups sorted out from the highest to the lowest count.
​

A representation of the Exception Requests with the highest count of Vulnerability Instances. This trend presents the 16 Exception Requests with the most vulnerability instances count. If you have more Exception Requests that don’t appear here, it indicates that those exceptions contain fewer vulnerability instances than the lowest count on this trend.
​

Count of vulnerability instances in status ‘Ignored/acknowledged’ assorted by source.
Sources: Manual (created manually by the user), Playbook (created by automated playbooks), or Connector-generated (sent directly from connectors). These vulnerability instances don’t have any exception requests associated with them.

Read our Analytics FAQ and Data Validation article here.