Automating Vulnerability Response Questions

A team member raises a false positive request from an open remediation task. What state change is documented at request time?

What happens immediately after an exception request is raised from a vulnerable item or remediation task?

What happens if a false positive request is not approved?

How does an approved exception rule differ from a one-off approved exception request?

Which pair names the documented bases for auto-closing stale detections?

What is the documented outcome when an exception request is not approved?

Which documented feature is used when a valid finding cannot be remediated right away and needs approval to defer work?

Which automation can prevent matching detections from turning into vulnerable items during ingestion?

What extra automation occurs when an exception rule, not just a one-off exception, is approved?

In a time-bound false positive case, who sets the end date according to the official behavior?

If a false positive request is denied, what happens next to the record?

A scanner flags a condition on a device that has already been decommissioned, so there is no real vulnerability. What is the documented classification...

Which optional behavior can be enabled for auto-close stale detections?

Which pair names the primary bases ServiceNow documents for auto-closing stale detections?

What happens when an exception request is submitted from a vulnerable item or remediation task?