What is the recommended method to block a specific CVE for 14 days when creating...

When creating an Image Assessment policy exclusion in CrowdStrike Falcon Cloud Security, the recommended and most precise method to temporarily suppress a specific CVE isVulnerability ID & Exclude until 14 days.

This approach allows security teams to explicitly reference a known CVE (for example, CVE-2024-XXXX) and suppress enforcement for a defined time window. The 14-day exclusion period is commonly used to allow development teams time to rebuild images, validate patches, or address dependency constraints without permanently weakening security posture.

Broad exclusions based on recently published vulnerabilities or packages can unintentionally suppress unrelated risk and increase exposure. Indefinite exclusions are discouraged unless there is a strong, documented business justification.

CrowdStrike documentation and best practices emphasizetime-bound, CVE-specific exclusionsto balance operational flexibility with security rigor. Therefore, the correct and recommended option isVulnerability ID & Exclude until 14 days.