CloudSploit provides a default "severity" setting for each plugin it releases, either as "low", "medium", or "high". In some cases, this default value may not align with your organization's requirements and you may wish to override this setting in your scan reports. To do this, follow the below steps:

  1. Log into the CloudSploit Console as an account admin (only account admins can change plugin severity levels).
  2. Navigate to the "Scans" > "Plugins" page and locate the plugin you'd like to modify.
  3. Select a new severity from the drop-down.

Some things to note about modifying plugin severity levels:

  • Severity can be one of "low", "medium", "high", or "critical".
  • Only account admins can modify the severity level.
  • The severity applies globally, to all cloud account connections across all groups in the CloudSploit account.
  • Changes apply to all scan reports, past and future and will appear instantly in the console and APIs.

Updating a test's severity is also supported via API.