Test exceptions reference
The Guardium vulnerability assessment test exception groups are prepopulated with the default members, schema, objects, or privileges created when a database is installed. Use these groups to avoid false-positives when running vulnerability assessments. If an assessment fails, link the appropriate exception group to the test to exclude the default members and run the test again: if the test now runs without violations, this indicates that the initial violations were due to the default members, schema, objects, or privileges created when the database was installed.
The exception group names are documented either in the short description or recommendation of the test, depending on the test logic.
Key to Exception Types:
HARDCODE_IN_SQL: The group name is inbuilt in the test query and cannot be modified.
EXCEPTION_GROUP: When tuning the test, the group name may be added as an exception.
VERSION_OR_PATCH: This is updated via quarterly DPS and can be modified.
Was this topic helpful?
13 December 2018