1 Reply Latest reply on Feb 9, 2018 11:01 AM by Sean Berry

    Why don't my vulnerabilities close immediately?

    Sean Berry
      Share This:

      Especially if a remediation is executed externally, or is found to be a false positive, it may take up to 60 minutes for that vulnerability to move from Scheduled to Closed, pending a data refresh from the endpoint management system (BSA as of 2/2017).


      To update this, edit the bmc-config.json, and look for the "delayBetweenRefreshCycles": line under "data.refresh.bsa":.  The default is 3600 [seconds] (60 minutes).  Given that it might be data intensive, it probably shouldn't be set lower than 5 even in a lab environment (but that may be handy for short demos).