Request exceptions for remediation tasks and records from the Vulnerability Manager Workspace

Release version: Xanadu

Updated August 1, 2024

1 minute to read

From the Vulnerability Manager Workspace, vulnerability managers and analysts can request exceptions and false positives for a remediation task (VUL, AVUL, CVUL or CRG) and record (VIT, CVIT, AVIT or TR). You can also split a remediation task and create change requests.

Role required:

sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items
sn_vul.app_sec_manager for application vulnerable items
sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items
sn_vulc.admin for configuration test results

Note:

Starting with v19.0 of Vulnerability Response, the following terms have been renamed:

Table 1. Changes in terminology
Terminology prior to v19.0	Terminology v19.0 onwards
Test Result Groups	Remediation Tasks
Configuration Issues	Configuration Test Results
Policy	Test group

In the Vulnerability Manager Workspace, you can perform the following on the records and remediation tasks:

Split a remediation task (VUL, AVUL, CVUL, and CRG).
Request an exception for a record (VIT, AVIT, CVIT, or CTR) or remediation task (VUL, AVUL, CVUL, or CRG).
Request a policy exception for records (VIT, AVIT, or CVIT) or remediation task (VUL, AVUL, CVUL, or CRG).
Create a change request for remediation task (VUL, CVUL, or CRG).
Request a false positive for record (VIT, AVIT, or CVIT) or remediation task (VUL, AVUL, CVUL or CRG).
Note:
You can raise false positive requests for a set of test results and remediation task (CRG) starting from v22.0 of Vulnerability Response.

You initiate these UI actions from records in the Vulnerability Manager Workspace, the same way remediation owners perform these tasks in the IT Remediation Workspace.

See the following topics for more information: