Configuring remediation task rules

Rversion finale: Australia

Mis à jour 12 mars 2026

2 minutes de lecture

By configuring remediation task rules, you can automatically group findings based on filter conditions.

In the Security Exposure Management Workspace, you can set up a single assignment rule that applies to all types of findings, including vulnerable items (VITs), application vulnerabilities (AVITs), container vulnerabilities (CVITs), and configuration test results (CTRs). This rule can then be applied to all the findings or a specific combination of findings.

Create remediation task rules

Create remediation task rules to automatically group findings based on filter conditions. These rules automatically group findings as they’re imported or manually created. Use the filter to limit the findings grouped by this rule, such as selecting all findings with exploits.

Avant de commencer

Role required: See Access control lists (ACLs) for administration rules

Pourquoi et quand exécuter cette tâche

The base system ships with one remediation task rule, Vulnerability, which groups vulnerable items by vulnerability and assignment group (from Assignment rules). You can reapply the rules from the form or list view. For some sample entries, see Vulnerability Response remediation task rule examples.

This rule can be modified by using filter conditions and Group by choices. By default, remediation tasks use Assignment Rules, when available, as part of their filter criteria.

Remarque :

If no assignment rules exist, you can select a group using the User group field.

Procédure

Navigate to Workspaces > Security Exposure Management Workspace.
Select Administration in the navigation pane.
Select Review on the Remediation task rules tile.
On the Rules page, select Remediation task in the navigation pane.

Select New and fill in the fields on the form:

Tableau 1. Remediation task rule form
Field	Description
Details
Name	Name of the remediation task rule.
Applies to	Tables the remediation task rule applies to.
Active	Indicates whether the remediation task rule is active.
Description	Description of the remediation task rule.
If this condition is met
Case sensitive	Determines whether a condition is case sensitive or not. Remarque : The default value is case insensitive.
Condition fields	Conditions that must be met. By default, searches in the condition builder on task rule records and forms aren’t case-sensitive (the Case sensitive check box is inactive). If needed, you can enable case-sensitive searches by selecting the Case sensitive check box on the relevant task records and forms.
New condition set	Adds more condition filter fields to choose from.
Group by
Group findings from	The table the rule uses to group the findings. Choices are: Finding [sn_vul_vulnerable_item] Finding > Configuration Item [cmdb_ci] Finding > Vulnerability Remarque : The Group findings from field updates based on the number of tables selected in the Applies to field. If one table is chosen, it shows the corresponding item. If multiple tables are chosen, it displays Findings. You can add up to six grouping criteria.
Using field	Field on the table that the rule uses to group findings.
Assignment
Assign remediation tasks by	When automatically assigning remediation tasks, the Assignment choice is used in addition to the Group By choices to group the findings. New tasks are created, as needed, to ensure that each finding is placed in a task with a matching assignment group set. To automate the assignment of tasks created based on this rule, choose one of the options available. Group by field: If you selected any user group field from the Using field values in the Group by section, they appear in the drop-down menu. User Group: Use the lookup list to select a static user group.

Select Save.