All Collections
Control Monitoring
Exclusions
Exclusions

Exclude one or more items from a test and provide a business rationale so the item is no longer accounted for in the test.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

HERE'S WHY

Companies have the ability to exclude one or more items from a test when that test is not applicable to those items. This will ensure each time the test is run, those items are excluded. Excluded items will also always be visible within the test on the monitoring page.

BEFORE DIVING IN

Admins and information security leads have the ability to set exclusions.

HERE'S HOW

When on the 'Monitoring' page, select a failed test. For the particular test, you will see a list of items that caused the test to fail.

For example, on this 'Public SSH Denied' test, a security group is listed that allows public SSH. There is a business reason for this allowance. To exclude an item, select the minus icon to the right of the item, and you'll be given a modal to provide a business rationale for the exclusion.

If you have multiple items you want to exclude, you can bulk exclude by selecting the desired multiple items or select all and select the blue 'Exclude' text. You will only need to provide business rationale once to apply to multiple items.

Moving forward, the excluded item(s) will no longer cause the test to fail. You can revert the exclusion at any time by clicking the plus sign to reinclude the item(s) in the Excluded tab.

You will see the modal where you provided business rationale for the exclusion prior, and will select 'Reinclude'.

Did this answer your question?