Request an extension for an exception rule in Application Vulnerability Response

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Request an extension for a deferred exception rule before it reaches its deferred until due date. As a remediation owner, you’re no longer required to wait until the deferred due date to make this request.

    Avant de commencer

    Roles required: App-Sec Manager sn_vul.app_sec_manager, Security Champion sn_vul.app_security_champion.

    Pourquoi et quand exécuter cette tâche

    On an extension rule record, you can request an extension for the Deferred Until date only if the rule is in the Approved state. You might request this extension to a rule if you find a large number of records created by the rule are not being resolved by its Deferred until date, the date when the remediation task stops accepting new AVIs. The extension updates the exception rule so it automatically extends the deferral date on your existing rule.

    You can also request an extension from the Vulnerability Response Workspaces. For more information, see Request an extension for a deferred vulnerable item in the Vulnerability Manager workspace.

    Procédure

    1. Navigate to All > Application Vulnerability Response > Exception Rules.
    2. Select an approved exception rule.
    3. Select Request Extension.
    4. Fill in the fields on the form, as appropriate.
      Field Description
      Extend Until

      Select the date until when the exception rule must be extended.
      Reason Enter the reason for deferring the exception rule.
      Choices include:
      • Risk accepted
      • Awaiting maintenance window
      • Fix unavailable
      • Mitigating control in place
      • Other
      Additional information Enter any other relevant information.
    5. Select Request Approval.
      On approval of the request, the Deferred until, Reason and Additional information fields get updated on the exception rule and the associated remediation tasks and application vulnerable items. An email is also triggered on submission of the request and subsequent action by the approver.
      Remarque :
      • The request goes through two levels of approval.
      • The Request Extension button is unavailable for remediation tasks that are created as part of an exception rule.
      • If a deferred exception rule is extended again, the extend deferral count increases in the back end.