Here you can change the following information about your company:
Company name (please make sure the spelling is correct)
Website
Company size
Sector
Address (street, postal code, city & country)
You can globally ignore vulnerabilities for a client under "Technical Details > Vulnerabilities". That means these get ignored across all clients. If vulnerabilities are globally ignored, they get shown here in this list.
If you remove an ignored vulnerability from this list, it might take a while before it shows up again in customer accounts.
Here you can set up how risk calculation is weighted. The weighting is based on severity (CVSS), likelihood (EPSS & CISA KEV), and asset value.
The asset value reflects the financial, operational, or strategic worth of a specific target within an organization. It plays a key role in risk assessment and in prioritizing security actions. So, you can fine-tune the weighting of your risk calculation by setting default values for different types of targets. You can choose from the following asset values:
Irrelevant (Weighting: 0%) → Note: Vulnerabilities for these systems are rated with risk 0 and are therefore just for your information
Very low (Weighting: 25%)
Low (Weighting: 50%)
Medium (Weighting: 75%)
High (Weighting: 100%)
Critical (Weighting: 125%)
It's also possible to configure asset values for each target within a customer account under the Infrastructure menu. There you can increase or decrease the asset values of individual targets.
Here you can choose to have vulnerabilities from inactive client or server devices ignored automatically. As soon as a device is active again, any vulnerabilities that were hidden before will show up again.
This helps make sure that inactive devices, which aren't relevant anymore, don't mess up your customers' security score.
Here you can adjust the setting for how long to delay the detection and display of missing patches for internal targets. This is handy if you don't want to install patches right after they're released. You can pick any delay between 0 and 60 days.
During a security audit, sometimes vulnerabilities are flagged by mistake. To avoid this, Lywand filters out these so-called “false positive” vulnerabilities by default, so they don’t show up on the platform. The threshold for this filter is based on a percentage chance called the Quality of Detection (QoD).
If you set this filter to a high level, it's less likely that you'll spot false positives. However, this might also mean that true positives (meaning real vulnerabilities) could get filtered out. If you want the highest possible detection rate for real vulnerabilities—while accepting more false positives—just pick a lower setting here.
Here you can choose between these filter settings:
Strong – very low chance of false positives, but real vulnerabilities (true positives) might get filtered out too
Medium – the default value, only a few false positives and it's less likely that real vulnerabilities will get filtered out
Light – possibly more false positives, but almost all real vulnerabilities are found
Devices that haven't connected to the platform for a long time can be automatically removed and won't be charged for in the following month. All related results will be deleted too.