Create a remediation task manually in the Security Exposure Management Workspace

  • Release version: Xanadu
  • Updated July 31, 2025
  • 2 minutes to read

    • You can create remediation tasks manually from the findings on the List page of Security Exposure Management Workspace. You can also create remediation tasks from the drill-down lists that appear when you click on the visualizations on the Home page.

    Before you begin

    Role required:
    • sn_vul.vulnerability_analyst, sn_vul.vulnerability_admin, or sn_vul.remediation_owner for host vulnerable items (VITs)
    • sn_vul.app_sec_manager, sn_vul.app_security_champion for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst, sn_vul_container.vulnerability_admin, or sn_vul_container.remediation_owner for container vulnerable items (CVITs)
    • sn_vulc.admin, sn_vulc.remediation_owner for configuration test results (CTRs)

    About this task

    Manual creation of Remediation Tasks (RTs) in Security Exposure Management Workspace offers granular control over remediation task management by enabling you to group records (VITs, CVITs, AVITs, or TRs) into remediation tasks dynamically in real time.

    You can create a remediation task manually, when you want to:
    • group vulnerable items by something other than the Remediation Task Rules criteria. For example, you can create remediation tasks for a particular manager, or for active, new exploits, such as ransomware that includes different vulnerabilities.
    • group ungrouped records.
    • remediation task rules are inactive.

    Procedure

    1. Navigate to Workspaces > Security Exposure Management Workspace > List.
    2. On the List page, open the Active or All list in one of the following lists:
      • Host Vulnerable Items
      • Application Vulnerable Items
      • Container Vulnerable Items
      • Configuration Test Results
    3. Optional: Select the check box of the records you want to update and then select the Selected items option in the Record selection field on the Create Remediation Task modal.
    4. Select Create Remediation Task.
    5. On the Create remediation task modal, fill in the following details.
      Table 1. Create remediation task modal
      Field Description
      Record selection
      • Selected items: Updates the selected records only.
      • All items: Updates all the records in the list.
      Short description Brief note about the remediation tasks.
      Grouping criteria Choices are:
      • Assignment group: Records with same assignment group are grouped into one remediation task.
      • Assignment group and configuration item: Records with same assignment group and configuration item are grouped into one remediation task.
      • Assignment group and vulnerability: Records with same assignment group and vulnerability are grouped into one remediation task.
      • Assignment group and risk rating: Records with same assignment group and risk rating are grouped into one remediation task.
      Managing records in other remediation tasks Choices are:
      • Skip records for new remediation tasks: No action is taken on the records that are part of other remediation tasks.
      • Move to new remediation tasks: Records that are part of other remediation tasks are transferred to new remediation tasks.
      • Keep in both current and new remediation tasks: Records that are part of other remediation tasks are kept in both old and new remediation tasks.
    6. Select Create remediation task.

    Result

    Remediation tasks are created based on the grouping criteria. An email notification is sent to the remediation owners in the assignment group, informing them that a remediation task has been created and assigned to their group. For examples on how remediation tasks are created based on the grouping criteria, see Examples for remediation task creation in the Security Exposure Management Workspace.