Phase 6: Validation & Tuning

Refine scan performance and implement exclusions to ensure optimal platform function and zero impact on production. This phase makes the technical operation of the program efficient, accurate, and stable.

Expected Outcomes

During this phase, you fine-tune the platform's technical operation to maintain stability and accuracy. This includes:

Creating exclusion windows for scheduled maintenance periods or sensitive systems to ensure no disruption to business-critical operations. For more information, see Exclusions.
Optimizing scan performance settings (for example, maximum hosts and checks, or network congestion settings) for each network segment and sensor type to achieve the fastest scan times possible without causing network issues. For more information, see Scan Performance.
Investigating, validating, and recasting potential false positives with supporting evidence systematically.
Auditing and pruning scan templates to remove unnecessary customizations.
Establishing an ongoing process to audit and maintain credentialed scan success rates.

Why This Is Important

Stability and accuracy are paramount. Tuning ensures that deep credentialed scans do not disrupt sensitive legacy devices or consume excessive network bandwidth. Validation confirms that the data used for prioritization is accurate, which prevents the remediation team from wasting effort on non-existent vulnerabilities and builds trust in the program.

Verification

Verify the success of this phase by confirming the following:

Review scan logs for a reduction in scan interference or network congestion warnings over time.
Confirm you periodically review the number of recast (accepted risk) vulnerabilities to ensure appropriate risk acceptance. For more information, see View Rules.
Track and reduce scan completion times to an acceptable target (for example, all scans complete within a 4-hour window).

What to do next:

Move to Phase 7: Operationalization to formalize these refined processes into permanent operations.