Vulnerability & Asset Management Revamp
Overview
The vulnerability and asset management experience in Stoïk Protect has been completely redesigned to make it more intuitive and aligned with modern vulnerability management practices.
You can now discard vulnerabilities or assets, verify remediations, and track their lifecycle — all directly from Stoïk Protect.
Why It Matters
- Simplified workflow: Manage vulnerabilities and assets directly from your scan results.
- Better visibility: Understand the full lifecycle and review status of every vulnerability.
- Faster handling: Reduced manual review for Stoïk CERT — more automation for you.
How It Works
1. Discard Vulnerabilities or Assets
From your scan results in Stoïk Protect, you can now exclude items directly:
- Select a vulnerability or an asset.
- Click Exclude in the new sticky footer.
- Choose a discard reason:
  - Risk accepted
  - Third-party risk
  - False positive
Depending on the severity:
- If the vulnerability is CRITICAL or HIGH, or is linked to an asset that is, the discard request is first reviewed by a CERT analyst.
- Otherwise, the item is discarded automatically.
The status updates in real time as your request progresses.
2. Verify Vulnerability Remediation
When a patch has been applied, you can confirm it directly in Stoïk Protect:
- Select the vulnerability.
- Click Verify.
- Stoïk Protect automatically re-launches a scan for that asset.
If the issue is fixed, it disappears from the list and no longer impacts your risk score.
If not, it remains ACTIVE until resolved.
Status Definitions
| Status | Meaning |
|---|---|
| ACTIVE | The vulnerability or asset is currently detected. |
| CERT REVIEW | Waiting for Stoïk CERT validation before discard is applied. |
| TO BE DISMISSED | Temporary state (2–3 minutes) before discard is finalized. |
| DISMISSED | The vulnerability/asset has been successfully discarded and remains visible in the main table. |
What’s New
| Improvement | Description |
|---|---|
| Simplified UX | A new sticky footer with Exclude and Verify buttons replaces the old discard request flow. |
| Clear discard categories | Standardized reasons: Risk accepted, Third-party risk, False positive. |
| More automatic discards | Discard requests for vulnerabilities below HIGH severity are now applied automatically, without CERT review. |
| Verify remediation flow | Click Verify to re-scan and validate that a vulnerability is patched. |
| Unified view | Discarded vulnerabilities and assets now remain visible in the same table — no more separate tab. |