Hey Sai,
Without R7 reporting that the vulnerability was Fixed, VR has no way of knowing that it should be closed. There are a couple of things you can look into. Both can be found by navigating to:
Vulnerability Response > Administration > Auto-Close Configuration:
Stale Detections
- This will automatically close a Vulnerable Item when the scanner has not reported the vulnerability for X number of days.
- I have seen customers set this value anywhere from 15 to 60 days
Configuration Item Lifecycle
- Auto-close VIs linked to Retired CIs [checkbox]
- Before deciding to use this feature, you should consider how well you trust your CMDB processes. If a CI is Retired in the CMDB but the actual device is still running on your network, the VI will be closed even though it is in reality an active vulnerability in your environment.
I hope that this helps,
--Joe
