False Positive
A remediation owner can mark a vulnerability incident or a vulnerability incident group as false positive in a scenario where the vulnerability has already been remediated. The remediation owner provides the reasons and required artifacts while confirming the false positive request so that the approver team can investigate for request approval.
Once a vulnerability is marked as a false positive, it is approved by assigned approvers. If the false positive request is approved, no further action is needed. If the false positive request is rejected, the remediation owner needs to follow the remediation steps.
To understand the status, you can track the State of the vulnerability incident and VMDR Approvals tab.
Using the following steps, you can process a False Positive request: