Update the state of records in bulk in the Security Exposure Management Workspace

Release version: Australia

Updated March 12, 2026

1 minute to read

Update the state of multiple findings concurrently according to their remediation progress using the bulk edit feature in the Security Exposure Management Workspace.

Before you begin

Role required:

sn_vul.vulnerability_analyst, sn_vul.vulnerability_admin, or sn_vul.remediation_owner for host vulnerable items (VITs)
sn_vul.app_sec_manager, sn_vul.app_security_champion for application vulnerable items (AVITs)
sn_vul_container.vulnerability_analyst, sn_vul_container.vulnerability_admin, or sn_vul_container.remediation_owner for container vulnerable items (CVITs)
sn_vulc.admin, sn_vulc.remediation_owner for configuration test results (CTRs)

Procedure

Navigate to Workspaces > Security Exposure Management Workspace > List.
On the List page, open the Active or All list in one of the following lists:
- Host Vulnerable items
- Container Vulnerable items
- Application Vulnerable items
Perform one of the following:
- Select the check box next to each item if you want to use the Only Selected Items option in the Record Selection field.
- Apply filters if you want to use the All Vulnerable Items that match filter option in the Record Selection field.
Select the Bulk Edit button.

On the Bulk Edit modal, fill in the following fields to update the state of the records.

Table 1. Bulk Edit modal fields
Field	Description
Record Selection	Records to update. Choices are: Only Selected Items: Select this option if you want to update the records you selected using the check box. All Vulnerable Items that match filter: Select this option if you want to update the filtered records. Remediation Task: Select this option if you want to update the records in a remediation task and then select the desired remediation task in the Remediation task field. Vulnerability Entry: Select this option if you want to update the records specific to a common vulnerable entry (CVE) and then select the CVE in the Vulnerability Entry field. Note: Records with invalid CI or CI decommissioned aren’t updated.
State	Change for the State in the record. Choices are: Do Not Update Open Under Investigation Awaiting Implementation Deferred For more information, seeRequest bulk exception in the Vulnerability Manager Workspace. Closed For more information, see Bulk edit for false positive in the Vulnerability Manager Workspace Resolved Note: Only the records for which the state transition is valid are updated.
Work notes	Text that you enter to describe the changes.

Select  Edit.

A bulk edit asynchronous job updates the selected records.