Working with an exception rule
You can request an exception for vulnerabilities, vulnerable items (VIs), or configuration items (CIs) that can't be remediated or deferred immediately. By automating the VI deferral process, you can defer the matching VIs based on the rule when the system identifies them.
You can perform the following tasks for an exception rule:
- Create an exception rule
- Approve an exception rule request
- Activating an exception rule
- Reopen an exception rule
- Update an approved exception rule
- Delete an exception rule
Starting from v21.0 of Vulnerability Response, you can configure the time frames for approving false positives and exceptions, along with email notifications for both the approver and requester after a set number of days. When a request is raised, the vulnerable item changes to In-Review status and a state change record is created. If the approver doesn't respond within the configured time frame, the vulnerable item or remediation task reverts to Open status. The previous state is stored in the backup_state field. For more information, see Configure approval rules for Exception Management.