Assess exception rule requests from users so that you can approve or reject these requests.

Before you begin

Role required: sn_vul.exception_approver

About this task

Exception approver level 1 user group members can approve the level 1 exception rule requests. Similarly, exception approver level 2 user group members can approve the level 2 exception rule requests. Both the user groups inherit the exception approver role by default.
Note:

If you are deploying the VR application for the first time, the flow designer for exception management is enabled by default. If you are already using the workflow, you can update to the flow designer. In both cases, you cannot change it back to workflow. To configure approval rules for exception management and false positive, see Configure approval rules for Exception Management.

Procedure

  1. Navigate to All > Vulnerability Response > My Approvals.
  2. Select a request from your queue.
  3. Approve or reject the request with and explain why you approved or rejected the request.
    After an exception rule is approved, a remediation task (RT) is created in the Deferred state by default. Starting from the "Valid from" date, this rule runs on all the VIs that are created and also on the ones that are moved from the Closed to the Open state. VIs that match the defined conditions are added to the RT and deferred for the specified period.
    Note: If the rule is rejected, you can reopen it in the Draft state, update it, and then resubmit it for approval.