On closure of Policy Exception for VR

User205031
Tera Contributor

Hi All,

 

When a Policy Exception expires, the related Vulnerable Item reopens along with associated Remediation Task.

 

But my requirement is to keep the associated Remediation Task closed when Policy Exception expires.

 

How to achieve this?

 

Thanks!

1 REPLY 1

Eliz Skogquist
ServiceNow Employee
ServiceNow Employee

On following the expiration of the Policy Exception, if the vulnerability is still Active in the scanner the related VIs will open.  If the vulnerability is Fixed, it will close even before expiration.  Can you provide further justification of why you would want an active vulnerability closed following an exception expiration, as this could present risk to the organization.  Are you instead, preferring to record it as a False Positive, in which case it can follow an approval flow on request and have an eternal date and remain closed?