Activating an exception rule in Container Vulnerability Response
- Updated Aug 3, 2023
The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.
A rule is activated on its "Valid from" date. After activation, it automates the exception process for container vulnerable items (CVITs).
The exception rule follows this life cycle:
- The new CVITs that you create or reopen, and that meet the specified condition, are deferred. If you enable the Execute on existing data option when you run the exception rule for the first time, all the active and non-deferred CVITs that match the exception rule condition are moved to the newly created remediation task (RT) and its state is changed to Deferred.
- If a newly created CVIT matches the exception rule condition, it is moved to the deferred RT that is associated with the rule and the group rule is not run on it.
- On the "Valid from" date, existing CVITs are added if you enable the Execute on existing data option.
- The RT stops accepting new CVITs when the rule expires on the "Valid to" date. The RT remains in existence until the "Deferred until" date.
- The exception rule expires on the "Valid to" date.