Security Exposure Management Approvals View
Summary of Security Exposure Management Approvals View
The Security Exposure Management Approvals View unifies the approval process for vulnerability and compliance exceptions, simplifying workflows for remediation owners and approvers. It provides a centralized landing page where approvers can efficiently manage all types of approval requests related to security exposures, improving visibility and streamlining actions.
Key Features
- Comprehensive Approval Categories: The landing page includes widgets for various approval types such as Today’s approvals, Pending approvals, Exception approvals, False positive approvals, Overdue approvals, Expiring exceptions, Exception extensions, and Repeated rejections. This categorization helps approvers quickly identify and prioritize requests.
- Interactive Request Details: Each approval request provides clickable links to detailed information including record references, request type and number, risk rating, remediation status, assignment group, and current state, allowing easy access to all relevant context.
- Unified Approval Actions: Approvers can view requester information, purpose, impacted services, approval levels, and comments in one place, and can approve or reject requests directly within the record, streamlining the decision process.
- Integrated Deferral Management: Users can defer findings or remediation tasks directly from their forms, initiating approval requests seamlessly within the Security Exposure Management workspace.
- Complete Audit Trail: Every comment and approval action is logged and attributed to ensure accountability and traceability throughout the approval lifecycle.
- AI-Driven Recommendations: Generative AI assists in streamlining approvals for exceptions and false positive requests by providing intelligent recommendations, enhancing efficiency and decision accuracy.
- Legacy Request Access: Links to legacy approvals remain available during migration, ensuring continuity and access to all historical approval data.
Key Outcomes
- Improved efficiency in handling vulnerability and compliance exception approvals through a unified and intuitive interface.
- Enhanced visibility of all pending, overdue, and expiring requests, allowing timely and informed decision-making.
- Streamlined workflows enable approvers to manage and act on requests without switching contexts or systems.
- Better control and auditability of approval activities, supporting compliance and governance requirements.
- Support for AI-driven insights helps reduce manual effort and improve the quality of approval decisions.
The approval process in Security Exposure Management for vulnerability and compliance exceptions is unified to simplify workflows, improve visibility, and streamline actions for Approvers.
- Today’s approvals: Approvals due for action today (e.g., an unassignment request expiring by end of day).
- Pending approvals: Approvals awaiting action beyond today across all request types.
- Exception approvals: Approvals specifically for exception requests (e.g., a request to allow delayed patching of a high-risk vulnerability).
- False positive approvals: Approvals for requests flagged as false positives (e.g., scanner incorrectly reporting a vulnerability on a host).
- All approvals: Consolidated list of all approvals, including exception, false positive, risk reduction, and unassignment (e.g., a single view of everything awaiting your approval).
- Overdue approvals: Approvals that have crossed their due date (e.g., a risk reduction request that was supposed to be approved yesterday).
- Expiring exceptions: Exceptions scheduled to expire within the next 7 days.
- Exception extensions: Deferral extension requests raised after an initial exception request was approved. The initial request may still be in an approved state or may have already expired. This widget covers two scenarios:
  - An extension request raised directly against an existing finding.
  - A new vulnerability change approval (VCA) created after a previously approved VCA's finding expired. This new request is treated as a continuation of the original exception.
- Repeated rejections: Approvals where a remediation owner has resubmitted a VCA for the same deferral exception after a prior VCA was rejected.
When opening a finding record (e.g., VIT, AVIT, CVIT, Test Results), users can view detailed attributes such as state, remediation status, assignment group, information about the finding, relevant detections, change approvals, and requested approvals.
You can defer a finding or remediation task directly from its respective form in the Security Exposure Management workspace. Once submitted, the request is sent for approval. This unification offers:
- View the requester, purpose, impacted services, approval levels, and comments all in one place. Approvers can approve or reject requests directly within the same record. See Reviewing an Approval Request.
- Every comment and approval action is recorded and attributed.
- You can use generative AI to streamline the approval process for exceptions and false positive requests with AI-driven recommendations. For more information, see Approval Recommendation.
- All requests, including pending, overdue, or completed, are easy to locate and manage in the single view. Links to legacy approval requests are available for items that remain in the old flow during the migration period.