Set Exceptions on Asset Findings

An asset finding exception tells Mondoo to skip or stop scoring a finding on a single asset. Use it when a check or advisory matters for your space overall but doesn't apply to one particular asset, or when you want to defer fixing it until a later date.

For an overview of the four exception types, read Exceptions.

Note: Setting, approving, and removing exceptions all require Editor or Owner access.

Set an exception on an asset's advisories

1. In the Mondoo App, navigate to the space.

2. Use Search in Space in the top-right or the Inventory list to open the asset.

   You can also select a workspace to view a subset of assets.

3. Select the Advisories tab.

   

4. Check the boxes next to the advisories you want to set an exception on.

   

5. Select SET EXCEPTION.

   

6. Choose the exception type and period, add a justification (used by the approver), then select SAVE EXCEPTION.

The same flow works on the Findings and Vulnerabilities tabs for check and CVE exceptions.

Approve or reject an exception

An exception's approval flow depends on your space's exception settings. By default, an exception takes effect when it's created and a different team member approves or rejects it as an audit step. Approving keeps the exception. Rejecting removes it.

1. Open the asset (steps 1–2 above).

2. Select the Exceptions tab to see every exception on the asset.

   

3. Select Approve or Reject.

Remove an exception

1. Open the asset (steps 1–2 above) and switch to the relevant tab (Advisories, Vulnerabilities, or Findings).

2. Check the boxes next to the items you want to re-enable.

   

3. Select Remove Exception and Enable.