×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Documentation update

   

The service name is changed from BMC Helix Vulnerability Management to BMC Helix Automation Console.
You can find the latest documentation at BMC Helix Automation Console. Open link .
BMC Helix Vulnerability Management Administering

Exceptions

In certain situations, you may want to put off remediating vulnerabilities collated in BMC Helix Automation Console.
For example:

  • Assets with vulnerabilities are planned for decommissioning. 
  • Vulnerabilities may be less critical, or in legacy applications on production servers.
  • Vulnerabilities are to be remediated in a planned maintenance window at a later date.

In such scenarios, you can create exceptions to exclude specified vulnerabilities while creating remediation operations.

Only users with administrative rights can create exceptions. All other users can only view the exception details.

When you create an exception for the current date, it is in the Active state. When you create an exception for a future date, it is in the Enabled state, and on the specified date, the status changes to Active.

The impact of exceptions for vulnerabilities is described in the following table:


Enabled stateActive state

Exceptions for vulnerabilities


  • All the vulnerability and asset combinations appear on the Risks and Assets pages.
  • You can create remediation operations for the vulnerabilities.
  • The vulnerability data appears with the reduced number of impacted assets on the Risks page.
  • The scanned asset data appears with the reduced number of vulnerabilities on the Assets page.
  • You cannot create remediation operations for the vulnerabilities.

If you create an exception for a vulnerability on all the assets, then the same vulnerability data don't appear on the Risks > Vulnerabilities and Dashboard > Vulnerability Dashboard pages. 

Sometimes the vulnerability scanning systems result wrongly indicates vulnerabilities on the assets. In this case, you can create permanent exceptions to restrict those vulnerabilities from getting reported in the future scan results. If you want to extend an exception for vulnerabilities for which the remediation content is still not available, you can update the end date of that particular exception.

Where to go from here

To create, view, disable, enable, and delete an exception, see Working with exceptions.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Adlapalli sunil kumar Achary on Dec 16, 2020

Comments

Log in or register to comment.

Enabling change automation
Working with exceptions
© Copyright 2019 - 2021 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.