Removing assignments from vulnerable items and remediation tasks

  • Release version: Zurich
  • Updated July 31, 2025
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Removing Assignments from Vulnerable Items and Remediation Tasks

    This feature enables remediation owners and vulnerability analysts to clear the Assigned to and Assignment group fields from vulnerable item and remediation task records that may be incorrectly assigned. The Unassign UI action allows for the reassignment of records that are outside of your scope or incorrectly allocated.

    Show full answer Show less

    Key Features

    • Unassign records such as remediation tasks (VULs, AVULs, CVULs) and vulnerable items (VITs, AVITs, CVITs) from both classic environments and workspaces.
    • Clearing assignments affects all associated records with the same assignment groups, but does not apply to records with differing assignment groups.
    • Approval flow can be configured for unassign requests, which can be managed by vulnerability administrators to streamline the process.
    • Notifications are sent to specified groups when records are unassigned, based on configurable system properties.
    • Daily scheduled jobs monitor unassigned records and help adjust assignment rules as necessary.

    Key Outcomes

    By utilizing the unassign functionality, customers can maintain accurate records, reduce workload on incorrectly assigned tasks, and improve overall efficiency in vulnerability management. Additionally, monitoring assignment rules through scheduled jobs allows for continuous improvements and adjustments to assignment strategies based on real-time data.

    You can clear the Assigned to and Assignment group fields on vulnerable items directly from the vulnerable item and remediation task records that you determine might be incorrectly assigned to you or your groups.

    Overview of the workflow

    Remediation owners and vulnerability analysts can clear the Assigned to and Assignment group fields and update records for reassignment with the Unassign UI action.

    Use case

    If you determine that records aren't within your scope for remediation, or if you think that they have been incorrectly assigned to you or to your groups, you can remove yourself or your groups from the Assigned to and Assignment group fields on vulnerable item and remediation task records.

    The Unassign UI action and more options menu

    You can Unassign the following records with a UI action or from the more options menu (Vertical dots) in any state other than Closed or Resolved:
    • Remediation tasks (VULs, AVULs, and CVULs) in both the classic environment and the workspaces.

      If a remediation task is updated with this feature, the Assigned to and Assignment group fields on all of its associated VITs that have the same assignment groups are also cleared.

      Note:
      If any VIT, AVIT, or CVIT on a remediation task has a different assignment group than its remediation task, it is not unassigned. In most cases, these vulnerable items have been manually assigned.
    • Vulnerable items (VITs, AVITs, and CVITs) in the classic environment and the workspaces.

    Any records that you update assignments for with the UI action or manually are displayed on the Unassigned module under their respective product modules.

    For the steps to clear the Assigned to and Assignment group fields on records with the Unassigned UI action, see Remove assignments from vulnerable items and remediation tasks for more information.

    System property and notifications

    If you select Unassign on a record, by default, the sn_vul.unassign_vr.approval_required and system property triggers the approval flow and creates a state change approval record in review state and approval request is raised for approver which displays in the My Approvals list.

    Note:
    As a vulnerability administrator [sn_vul.vulnerability_admin], you can set the sn_vul.unassign_vr.approval_required system property to false to disable the approval process.
    • If the request is approved, sn_vul.default_assignment_group clears the Assigned to and Assignment group fields and populates the Assignment type field with Unassigned. As a vulnerability administrator, you can change the value in the sn_vul.default_assignment_group system property so that the assignment fields are cleared and a specific group is then assigned. For example, if a user clicks Unassign on a record and you want to redirect it to a specific group for review, you can add a system ID for the group of your choice in the Value field of the system property.
      Note:
      If you change this value, notifications for all the VITs, AVITs, and CVITs that are unassigned are sent to the group you specify.
    • If your request is rejected, the reason is displayed in the Notes tab.

    Alternatively, if sn_vul.default_assignment_group is not configured for a specific group, by default, users that you add to the Unassign notification user group are alerted when records are unassigned. The sn_vul.default_assignment_group system property determines the notifications to this group.

    The assignment type, whether it's Manual, Rule, or Unassigned, is available from the VIT records and the list view. The Unassigned assignment type is displayed on records after the Assigned to and Assignment group fields are cleared by the system property.

    See Approve or reject an unassign request in Vulnerability Response for more information about approving requests.

    Monitoring your assignment rules with the scheduled job for this feature

    A daily scheduled job counts the records when they transition to Unassigned assignment type. With this count, vulnerability analysts can monitor and adjust any assignment rules that might not be performing well based on any assignment rules that have higher counts of unassigned VIs.

    The Reassignment count for assignment rules scheduled job runs daily and posts the total number of VIs that are unassigned by this feature for a particular assignment rule.

    The counts gathered by this job apply to the vulnerable items and the unique assignment rules for Vulnerability Response and Application Vulnerability Response. Counts are displayed by assignment rule in each assignment rules list for each module.

    The job also counts any records that are manually unassigned. Both the manual counts and the counts gathered by this feature are posted on the Vulnerability Assignment Rules list in two columns: Reassignment count - manual items and Reassignment count - unassigned items.

    1. As a vulnerability admin, to view these counts, navigate to Vulnerability Response > Administration > Assignment Rules.
    2. Click the gear icon in the upper right of the list and select the Reassignment count - manual items, and Reassignment count - unassigned items for display.
    3. Any VI that was originally assigned by a rule but subsequently automatically or manually reassigned contains a reference to the original rule on the list view.

    The following example shows reassignment counts for two assignment rules.

    Reassignment counts for two assignment rules for Vulnerability Response VITs.