Mondoo
Docs
SecurityCustomize SecurityExceptions for Findings

Set Exceptions on Policies

Control which portions of policies Mondoo uses to assess your infrastructure

Make exceptions in a policy to customize how Mondoo evaluates your assets. Exceptions tell Mondoo to exclude certain checks when calculating your overall security posture.

If a policy contains checks that don't apply to your space or that, for any reason, you don't want to include in your security assessments, you can set exceptions on them. Exceptions let you control how Mondoo treats specific checks, such as accepting the risk or excluding them from scoring.

Setting exceptions

Note: Only team members with Editor or Owner access can perform this task.

  1. In the Mondoo Console, navigate to the space in which you want to set an exception.

    Space in the Mondoo Console

  2. In the side navigation bar, under Findings, select Policies.

    Security policies in the Mondoo Console

  3. Select the policy you want to customize.

  4. Select the Checks tab to see all the checks in the policy.

  5. Check the boxes to the left of the checks you want to set exceptions for.

    Mondoo security - set an exception

  6. Select the SET EXCEPTION button.

  7. Select the exception type and configure the details.

  8. Select the SAVE EXCEPTION button.

Approve or reject an exception

Exceptions take effect the moment they're added. However, as an extra tracking step, a team member can approve or reject an exception:

  • Approving an exception allows it to remain.

  • Rejecting an exception removes it.

Note: Only team members with Editor or Owner access can perform this task.

To approve or reject an exception:

  1. In the Mondoo Console, navigate to the space in which you want to approve or reject exceptions.

    Space in the Mondoo Console

  2. In the side navigation bar, under Findings, select Policies.

    Security policies in the Mondoo Console

  3. Select a policy and select the Exceptions tab to see all the exceptions in the policy.

    Security policies in the Mondoo Console

  4. Select the Reject button to remove the exception, or select the Approve button to keep the exception with your approval.

Remove an exception

Note: Only team members with Editor or Owner access can perform this task.

  1. In the Mondoo Console, navigate to the space in which you want to re-enable a check.

    Space in the Mondoo Console

  2. In the side navigation bar, under Findings, select Policies.

    Security policies in the Mondoo Console

  3. Select the Checks tab to see all the checks in the policy. The list indicates checks with exceptions.

  4. Check the boxes to the left of the checks you want to remove exceptions from.

    Mondoo security - select checks

  5. Select Remove Exception and Enable.

Set Exceptions on Asset Findings

Control which findings Mondoo uses to assess an asset's risk

Change Check Properties

Change the values Mondoo uses to assess your infrastructure

On this page

Setting exceptionsApprove or reject an exceptionRemove an exception