Exclude Vulnerability Based on Port

Is there a way to find/filter assets based on the vulnerability port that is affected? I have a vulnerability that I need to exclude for all assets when it’s on a specific port, but I don’t want to exclude the vulnerability for any other ports. Is there a way to do this via PSQL or the API?

My guess is that it’s possible to query for this via the Data Warehouse(PSQL query with joins) and then pull that data into a script and use the API to exclude all of the vulnerabilities, but I want to ensure that it only excludes the ones for that port and not any other ports.


I was able to figure out how to exclude the vulnerability on individual assets by using this POST query. Does anyone know if there’s a way to do instance based exclusions for an asset group?



“expires”: “”,
“scope”: {
“id”: {assetID},
“type”: “asset”,
“port”: {port},
“type”: “Instance”,
“vulnerability”: {vulnerabilityID}
“state”: “Under Review”,
“submit”: {
“reason”: “Acceptable Risk”