> ## Documentation Index
> Fetch the complete documentation index at: https://docs.backline.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Remediation Policy

> Automatically exclude low-risk or non-actionable vulnerabilities from remediation

## Remediation Policy

Remediation Policy lets your organization automatically exclude low-risk or non-actionable vulnerabilities from remediation.

When the policy is enabled, Backline automatically moves vulnerabilities that match the selected rules to **Dismissed**. These vulnerabilities will not be remediated and will not appear in active remediation queues.

You can find this page under:

**Settings → Remediation Policy**

## How the Policy Works

Remediation Policy includes three optional rules:

<CardGroup cols={3}>
  <Card title="Risk Score Threshold" icon="gauge">
    Automatically dismiss vulnerabilities with a Risk Score below the selected threshold.
  </Card>

  <Card title="Not Reachable" icon="route">
    Automatically dismiss vulnerabilities that Backline determines are not reachable from the application code.
  </Card>

  <Card title="Not Exploitable" icon="shield-check">
    Automatically dismiss vulnerabilities that Backline determines are not exploitable in the customer environment.
  </Card>
</CardGroup>

<Note>
  A vulnerability is dismissed when it matches **any** enabled rule.
</Note>

## Enabling or Disabling the Policy

Use the main toggle at the top of the page to turn Remediation Policy on or off.

When the policy is off, Backline will not automatically dismiss vulnerabilities based on these rules. Your saved rule settings remain visible, but cannot be edited until the policy is turned back on.

## Saving Changes

After changing the policy settings, click **Save** to apply the changes.

You can click **Cancel** to discard your changes and restore the last saved policy configuration.