This blog post describes and explains Custom Report Policies and how to create them. Two significant report customisations are possible: excluding a vulnerability from the web security Scan Report and changing the Severity Level of a vulnerability. Excluding a vulnerability means that the vulnerability is not reported in the scan results or report.