Configure Exception Management for Container Vulnerability Response

Watch

Save as PDF

Share this page

Feedback

Security Operations

HomeVancouver Security ManagementSecurity OperationsAttack surface management applicationsContainer Vulnerability ResponseConfiguring Container Vulnerability ResponseConfigure Exception Management for Container Vulnerability Response

Table of Contents

Configure Exception Management for Container Vulnerability Response

Release version:
Vancouver
Yokohama
Xanadu
Washington DC
UpdatedAug 3, 2023
2 minutes to read

Vancouver
Security Operations

The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.

Limit the duration of an exception requested and add a questionnaire to the exception or false positive request using the Container Vulnerability Response module. By default, an exception is requested using the ServiceNow® Container Vulnerability Response module. You can also request an exception using the GRC: Policy and Compliance Management integration.

Before you begin

Role required: sn_vul_container.manage_exception_configuration

About this task

If Container Vulnerability Response is enabled, you can limit the duration for which an exception can be requested. Similarly, if the GRC: Policy and Compliance Management module is installed, you can select GRC: Policy and Compliance Management on the configuration screen. Enabling this option lets you request an exception that specifies the Policy and Control objective from GRC.

If you add a questionnaire, it’s sent to the person raising the exception or false positive request. You can either use the default questionnaire or create one based on your requirements. .

It’s useful for the exception approver to understand the reason for requesting the exception.

Procedure

Navigate to All > Container Vulnerability Response > Administration > Exception Management.
On the Exception Management Configuration form, select how you want to manage an exception by selecting an option from the Manage exceptions using list.
You can select either Vulnerability Response or GRC: Policy and Compliance Management.

If you selected the Vulnerability Response option, enter the following information:

Search:

Table 1. Vulnerability Response fields
Field	Description
Duration	Period for which an exception can be requested.
Unit	Unit of time for the specified period.
Enable questionnaire to mark false positive	Option to add a questionnaire to the false positive request being raised.
Enable questionnaire to request exception	Option to add a questionnaire to the exception request being raised.
Questionnaire to request exception	Displays the questionnaire selected by you to request an exception. Exception Questionnaire is displayed by default.

Note: When you select GRC: Policy and Compliance Management, the Duration and Unit fields disappear as Governance, Risk, and Compliance handles that flow.

Select Save.

Was this topic helpful?

Yes No

Create or edit remediation target notifications

Quick start tests for Container Vulnerability Response

Create or edit remediation target notifications

Quick start tests for Container Vulnerability Response

Vancouver Security Management

Filters

Versions

Products