If you are using multiple scanners on the same asset to detect vulnerabilities, multiple vulnerable items (VIs) might be created. You can identify these duplicate VIs to ensure that the duplicate vulnerabilities are not assigned to the remediation owners.

This resolution is possible only if the same vulnerabilities, such as the same Common Vulnerabilities and Exposures (CVEs) are detected. The vulnerability combination depends on the scanners being used. For example, Qualys and Tenable have their own vulnerability type, that is, third-party entries (TPEs), and other scanners such as Microsoft Defender for Endpoint detect vulnerabilities based on CVEs.

Starting from v 17.1, while creating a remediation effort, you can automatically refresh duplicate vulnerable items on the created remediation tasks. To automatically refresh the duplicate vulnerable items, you must select the Automatically refresh duplicate vulnerable items for the created remediation tasks option.

Show Duplicate VIs: Identify duplicate vulnerable items reported by multiple scanners in the system. You can mark the duplicate VI as Resolved. For more information, see Automatically resolve duplicate vulnerabilities. Duplicate entries are only shown when the combination of vulnerabilities is created using CVEs. For more information, see Vulnerability Response remediation task and vulnerable item states.