Please could someone let us know what the OOB process is if the scanner (Rapid7 InsightVM) detects vulnerabilities on an asset/host that is active on the network but the CI in the CMDB is set to as `Retired`.
Does the Discovered Item (and Vulnerabilities) still get created? If so, what are the statuses set to? Or are these vulnerabilities ignored, and no artifacts created?
Thanks in advance!
