Bulk edit host vulnerable items with patches and solutions

  • Release version: Australia
  • Updated March 12, 2026
  • 4 minutes to read

    • Recommend a patch or solution for multiple host vulnerable items concurrently using the bulk edit feature in the Security Exposure Management Workspace.

    Before you begin

    Role required:
    • sn_vul.vulnerability_analyst, sn_vul.vulnerability_admin, or sn_vul.remediation_owner for host vulnerable items (VITs)
    • sn_vul.app_sec_manager, sn_vul.app_security_champion for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst, sn_vul_container.vulnerability_admin, or sn_vul_container.remediation_owner for container vulnerable items (CVITs)
    • sn_vulc.admin, sn_vulc.remediation_owner for configuration test results (CTRs)

    About this task

    In the Bulk edit modal, while adding a preferred solution and patch, you can also unassign or assign multiple host vulnerable items (VITs) to an assignment group simultaneously.

    Procedure

    1. Navigate to Workspaces > Security Exposure Management Workspace.
      Note:
      The selected records must be in the Open, Under Investigation, or Awaiting Implementation state.
    2. On the List page, under Host Vulnerable items, open the Active or All list.
    3. Perform one of the following:
      • Select the check box next to each item if you want to use the Only Selected Items option in the Record Selection field.
      • Apply filters if you want to use the All Vulnerable Items that match filter option in the Record Selection field.
      • Select the check box next to each item if you want to use the Only Selected Items option in the Record Selection field of Bulk Edit modal.
      • Apply filters if you want to use the All Vulnerable Items that match filter option in the Record Selection field of Bulk Edit modal.
    4. Select the Bulk Edit button.
    5. On the Bulk Edit modal, fill in the fields to recommend a patch or solution for multiple host vulnerable items.
      Table 1. Bulk Edit modal fields
      Field Description
      Record Selection Records to update. Choices are:
      • Only Selected Items: Select this option if you want to update the records you selected using the check box.
      • All Vulnerable Items that match filter: Select this option if you want to update the filtered records.
      • Remediation Task: Select this option if you want to update the records in a remediation task and then select the desired remediation task in the Remediation task field.
      • Vulnerability Entry: Select this option if you want to update the records specific to a common vulnerable entry (CVE) and then select the CVE in the Vulnerability Entry field.
      Note:
      • Records with invalid CI or CI decommissioned aren’t updated.
      • Only the records (VITs) in the Open, Under Investigation, or Awaiting Implementation state are updated.
      State Change for the State of the host vulnerable items. You can add preferred solution and patch only when you choose the following states.
      • Do Not Update
      • Open
      • Under Investigation
      • Awaiting Implementation
      Preferred Solution Solution that is targeted for remediating all the vulnerable items selected for bulk edit. Select the change for the Preferred Solution field in the vulnerable item. Choices are from a lookup list of available preferred solutions for the VITs selected.
      Note:
      • The set of available preferred solutions is an intersection of all potential solutions of the vulnerabilities across all selected VITs.
      • When selecting Record selection > Vulnerability Entry for a bulk edit, all VITs for the vulnerability will be set to the selected preferred solution.
        Note:
        This operation doesn’t set the Preferred solution at the vulnerability entry level. Setting the Preferred solution at the vulnerability entry level would set the Preferred solution for all new VITs going forward. The bulk edit only modifies the current set of VITs.
      • Distinct vulnerabilities across the selection criteria are limited to 500. If there are more than 500 distinct vulnerabilities, a warning message is displayed asking you to select VITs with different criteria for setting the Preferred solution.

      • The total number of solutions that can be shown in the lookup list is limited to 170. If there are more than 170 solutions, a warning message is displayed.

      The updated value is shown in the Vulnerable item list view.
      Preferred patch Patch that is targeted for remediating all the vulnerability items selected for bulk edit.
      Note:
      • You must install Patch Orchestration to view the list preferred patches.
      • The set of available preferred patches is an intersection of all potential patches across all selected VITs.
      • Distinct vulnerabilities across the selection criteria are limited to 500. If there are more than 500 distinct vulnerabilities, a warning message displays asking you to select VITs with different criteria for setting the Preferred patch.

      • The total number of patches that can be shown in the lookup list is limited to 170. If there are more than 170 patches, a warning message is displayed.
      Unassign All the selected items are unassigned for assignment group and remediation owner.
      Note:
      Assignment group Assignment group for the records. All the active assignment groups appear in this field.
      Note:
      This field is deactivated when you select the Unassign check box.
      Work notes Text that you enter to describe the changes.
    6. Select Edit.

    Result

    A bulk edit asynchronous job updates the selected host vulnerable items (VITs). The preferred solution and patch are added to the relevant host vulnerable items (VITs). Open a host vulnerable item, and view the preferred solution and patch in the Remediation section of the Details tab.