By default, you don't receive alerts every time a new risk insight is discovered, the risk insights policy feature allows you to create vulnerabilities from risks and in turn to receive a notification every time one is created.

To do so, click on Manage Policies from the Risk insights tab.

From this page, select New policy then fill out the information necessary.

For example, you can create a rule that will create a Qualified Vulnerability for each new SSH services found on your external attack surface.

When you create your policy, if you want the existing risk insights to be included, don't forget to click on "Create vulnerabilities from existing Risk Insights".

If you want to apply your policy to existing risks but you did not click on "Create vulnerabilities from existing Risk Insights" when creating the rule, you can select your policy and click on Apply.