On closure of Policy Exception for VR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2024 12:01 AM
Hi All,
When a Policy Exception expires, the related Vulnerable Item reopens along with associated Remediation Task.
But my requirement is to keep the associated Remediation Task closed when Policy Exception expires.
How to achieve this?
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2024 12:18 PM
On following the expiration of the Policy Exception, if the vulnerability is still Active in the scanner the related VIs will open. If the vulnerability is Fixed, it will close even before expiration. Can you provide further justification of why you would want an active vulnerability closed following an exception expiration, as this could present risk to the organization. Are you instead, preferring to record it as a False Positive, in which case it can follow an approval flow on request and have an eternal date and remain closed?