When is the workflow triggered for 'Vulnerability Response - Scan Vulnerable Item'?

The workflow for 'Vulnerability Response - Scan Vulnerable Item' is indeed triggered when an individual Vulnerable Item is set to Resolved. This is crucial because it indicates that the necessary remediation measures have been put in place for the identified vulnerability, and now the system needs to verify that the vulnerability has been effectively addressed.

When a Vulnerable Item is marked as Resolved, it prompts the workflow to initiate a scan to confirm that the vulnerabilities are no longer present. This ensures that the corrective actions taken were successful and that the system is no longer at risk due to the previously acknowledged vulnerability.

The other scenarios do not trigger this specific workflow. For instance, marking an item as Active may imply that it needs attention but does not directly initiate a scan. A scheduled scan frequency is part of ongoing maintenance but does not relate to the individual item status triggering remediation validation. Similarly, while detecting a new vulnerability is important, it does not trigger the resolution workflow for existing items.