Close records in bulk in the Security Exposure Management Workspace

Release version: Australia

Updated March 12, 2026

1 minute to read

Close multiple records (VITs, AVITs, or CVITs) concurrently using the bulk edit feature in the Security Exposure Management Workspace.

Before you begin

Role required:

sn_vul.vulnerability_analyst, sn_vul.vulnerability_admin, or sn_vul.remediation_owner for host vulnerable items (VITs)
sn_vul.app_sec_manager, sn_vul.app_security_champion for application vulnerable items (AVITs)
sn_vul_container.vulnerability_analyst, sn_vul_container.vulnerability_admin, or sn_vul_container.remediation_owner for container vulnerable items (CVITs)
sn_vulc.admin, sn_vulc.remediation_owner for configuration test results (CTRs)

Navigate to Workspaces > Security Exposure Management Workspace > List.
On the List page, open Active or All list in one of the following lists:
- Host Vulnerable items
- Container Vulnerable items
- Application Vulnerable items
Perform one of the following:
- Select the check box next to each item if you want to use the Only Selected Items option in the Record Selection field.
- Apply filters if you want to use the All Vulnerable Items that match filter option in the Record Selection field.
Select the Bulk Edit button.

On the form, fill in the fields to close the selected records.

Table 1. Bulk Edit modal fields
Field	Description
Record Selection	Records to update. Choices are: Only Selected Items: Select this option if you want to update the records you selected using the check box. All Vulnerable Items that match filter: Select this option if you want to update the filtered records. Remediation Task: Select this option if you want to update the records in a remediation task and then select the desired remediation task in the Remediation task field. Vulnerability Entry: Select this option if you want to update the records specific to a common vulnerable entry (CVE) and then select the CVE in the Vulnerability Entry field. Note: Records with invalid CI or CI decommissioned aren’t updated. Only the records in the Open, Under Investigation, or Awaiting Implementation state are updated.
State	Select the state as Closed.
Reason	Reason for closing records: False Positive Note: When you select this option to mark the records as false- positive, the Reason, Short description, and Additional information fields appear. For more information on bulk edit for false positive, see Bulk edit for false positive in the Vulnerability Manager Workspace. Cancelled Fixed Note: The reasons, Cancelled and Fixed are not applicable to CVITs.
Work notes	Text that you enter to describe the changes.