Triaging Vulnerabilities

This ability is limited to team members with Admin and/or Member roles.

Manifest allows you to triage vulnerabilities once you've analyzed them. Setting a triage status (e.g. "Not Affected" or "Fixed") lets you generate VEX reports, document your readiness for auditors, and build a knowledge store so your team doesn't get bugged by the same vulnerabilities over and over again.

To triage vulnerabilities in a given Asset:

  1. Click the Vulnerabilities tab.
  2. Select one or more vulnerabilities to triage by clicking on the checkbox on the left of each row.
  3. Click Triage in the top right corner of the table.
  4. Select a triage status for the vulnerability.
    • Affected, Not Affected, Under Investigation, and Fixed are the statuses currently defined by CISA for VEX. A Not Affected status is only useful to a VEX consumer if you also record why the product is not affected (see step 5).
    • If there is a vulnerability your organization wants to acknowledge but not act on, select Accept Risk. This removes the vulnerability from the vulnerability counts for this asset. Note that Accept Risk is not one of the CISA-defined statuses.
    • To create a custom status, type it directly into the field. It will be saved and available for all future vulnerabilities.
  5. Add additional justification and/or impact statements.
  6. Set scope of the triage status.
    • Current version only: applies the triage status to the current version of the asset only.
    • All versions of this asset currently uploaded: applies the triage status to every version of this asset that is currently uploaded, but not to any future versions.
    • All versions of this asset forever: applies the triage status to every currently uploaded version and to any future version of this asset that contains this vulnerability.
  7. Click Save to confirm and apply the triage status to the vulnerability.
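To make concrete what the status, justification/impact fields and scope chosen above become in a VEX report, here is an added example that serializes triage records into an OpenVEX document. This is illustration code written for this page, not Manifest's exporter, and its field names (`vuln_id`, `status`, `scope`, `justification`, `impact_statement`, `action_statement`), package URLs and vulnerability IDs are constructed placeholders. It encodes the OpenVEX rules that a `not_affected` statement must carry a machine-readable justification or an impact statement and that an `affected` statement must carry an action statement, refuses to emit custom statuses that have no VEX mapping, and treats Accept Risk as `affected` with a risk-acceptance action statement (an assumption of this example, since Accept Risk is not a CISA status). The "forever" scope is serialized as every version known today, because a VEX document is a point-in-time assertion.

```python
"""Serialize triage decisions into an OpenVEX document (added example, not Manifest code)."""
import json
from datetime import datetime, timezone

# The four statuses defined by CISA and used by OpenVEX.
VEX_STATUSES = {"affected", "not_affected", "fixed", "under_investigation"}

# Machine-readable justifications for not_affected (OpenVEX / CISA vocabulary).
VEX_JUSTIFICATIONS = {
    "component_not_present",
    "vulnerable_code_not_present",
    "vulnerable_code_not_in_execute_path",
    "vulnerable_code_cannot_be_controlled_by_adversary",
    "inline_mitigations_already_exist",
}

# UI label -> VEX status. "Accept Risk" is not a VEX status; mapping it to
# "affected" plus an explicit action statement is this example's assumption.
UI_STATUS_MAP = {
    "Affected": "affected",
    "Not Affected": "not_affected",
    "Under Investigation": "under_investigation",
    "Fixed": "fixed",
    "Accept Risk": "affected",
}

SCOPES = {"current", "all_uploaded", "forever"}


def resolve_products(scope, current_purl, uploaded_purls):
    """Expand a triage scope into the product identifiers one statement covers.

    A VEX document is a point-in-time assertion, so the "forever" scope can only
    be serialized as every version known today; re-run the exporter when a new
    version is uploaded (assumption made by this example).
    """
    if scope not in SCOPES:
        raise ValueError(f"unknown scope {scope!r}")
    if scope == "current":
        return [current_purl]
    return sorted(set(uploaded_purls) | {current_purl})


def build_statement(triage, current_purl, uploaded_purls):
    """Turn one triage record into an OpenVEX statement, enforcing the per-status
    requirements: not_affected needs a justification or impact statement,
    affected needs an action statement."""
    label = triage["status"]
    if label not in UI_STATUS_MAP:
        raise ValueError(f"status {label!r} has no VEX mapping; map custom statuses first")
    status = UI_STATUS_MAP[label]
    assert status in VEX_STATUSES
    stmt = {
        "vulnerability": {"name": triage["vuln_id"]},
        "products": [{"@id": p} for p in resolve_products(triage["scope"], current_purl, uploaded_purls)],
        "status": status,
    }
    justification = triage.get("justification")
    impact = triage.get("impact_statement")
    action = triage.get("action_statement")
    if status == "not_affected":
        if justification is None and not impact:
            raise ValueError("not_affected requires a justification or an impact_statement")
        if justification is not None:
            if justification not in VEX_JUSTIFICATIONS:
                raise ValueError(f"unknown justification {justification!r}")
            stmt["justification"] = justification
        if impact:
            stmt["impact_statement"] = impact
    elif status == "affected":
        if label == "Accept Risk" and not action:
            action = "Risk accepted by the organization; no remediation planned."
        if not action:
            raise ValueError("affected requires an action_statement")
        stmt["action_statement"] = action
    return stmt


def build_document(triages, current_purl, uploaded_purls, author, doc_id):
    """Assemble a complete OpenVEX document from a list of triage records."""
    return {
        "@context": "https://openvex.dev/ns/v0.2.0",
        "@id": doc_id,
        "author": author,
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "version": 1,
        "statements": [build_statement(t, current_purl, uploaded_purls) for t in triages],
    }


# Constructed sample data: placeholder package URLs and vulnerability IDs,
# not real components or advisories.
CURRENT = "pkg:npm/example-app@1.2.0"
UPLOADED = ["pkg:npm/example-app@1.0.0", "pkg:npm/example-app@1.1.0", CURRENT]
TRIAGES = [
    {"vuln_id": "EXAMPLE-0001", "status": "Not Affected", "scope": "all_uploaded",
     "justification": "vulnerable_code_not_in_execute_path",
     "impact_statement": "The affected parser is never invoked on untrusted input."},
    {"vuln_id": "EXAMPLE-0002", "status": "Accept Risk", "scope": "current"},
    {"vuln_id": "EXAMPLE-0003", "status": "Fixed", "scope": "current"},
]

if __name__ == "__main__":
    doc = build_document(TRIAGES, CURRENT, UPLOADED, "security@example.com", "https://example.com/vex/1")
    print(json.dumps(doc, indent=2))
```

Running the script prints one statement per triage record; a Not Affected record without either a justification or an impact statement, or a custom status such as one typed into the status field, is rejected with a `ValueError` rather than silently producing a VEX statement a downstream consumer would misread.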