Add a Recast Risk Rule

Required User Role: Organizational user with appropriate permissions. For more information, see User Roles.

If you create a recast risk rule, Tenable Security Center automatically updates the severity for any vulnerabilities that match the rule to the severity you specified in the rule.

For more information, see Recast Risk Rules.

To add a recast risk rule:

  1. Log in to Tenable Security Center via the user interface.

  2. In the left navigation, click Analysis > Vulnerabilities.

    The Vulnerabilities page appears.

  3. In the analysis tools drop-down box, select Vulnerability Detail List, Vulnerability List, or Vulnerability Summary.

    The page refreshes to show the analysis tool view you selected.

  4. To recast risk, do one of the following:

    Recast Risk Rule

    Actions

    To recast risk rule for a single vulnerability

    • Right-click any row that you want to recast and select Recast Risk.

    • Select the check box next to the vulnerability that you want to recast and in the toolbar, click Recast Risk.

    To recast rule for multiple vulnerabilities

    • Select more than one row and in the toolbar, click Recast Risk.

    The Recast Risk pane appears.

  5. In the New Severity drop-down box, select a new severity for the vulnerability.

  6. (Optional) In the Comment box, add a comment.

  7. (Optional) In the Expires box, select the date you want the recast risk rule to expire.

  8. In the Repository section, select one or more repositories where you want to apply the rule.

  9. Click Submit.

    Tenable Security Center saves your configuration.

    Note: There can be a short delay between clicking on Submit and vulnerabilities showing the new risk. It may be necessary to reload the filters to view the applied changes.

What to do next:

  • (Optional) Enable Recast and Accept Risk Rule Comments to display contents of the Comment field in reports and vulnerability analysis views. For more information, see Risk Rule Comments.