CyberOrigen

English

Español
Français
Deutsch

English

Español
Français
Deutsch

Appearance

Remediation

The Remediation view helps you track and manage vulnerability fixes across your organization.

Overview

Navigate to Remediation in the sidebar to see:

  • Open remediation tasks
  • In-progress work
  • Completed fixes
  • Verification status

Remediation Workflow 

Finding Discovered → Task Created → Assigned → In Progress → Fixed → Verified → Closed

1. Task Creation

When a vulnerability is discovered:

  • Automatic: High/Critical findings auto-create tasks
  • Manual: Create tasks from any finding

2. Assignment

Assign tasks to team members:

  1. Open the remediation task
  2. Click Assign
  3. Select assignee
  4. Set due date based on severity:
    • Critical: 24-48 hours
    • High: 7 days
    • Medium: 30 days
    • Low: 90 days

3. Remediation

The assignee works on the fix using AI-provided guidance:

  • Step-by-step instructions
  • Code examples
  • Configuration changes
  • Testing procedures

4. Verification

After implementing a fix:

  1. Click Request Verification
  2. CyberOrigen runs a targeted re-scan
  3. If vulnerability is no longer present: ✅ Verified
  4. If still present: Returned to In Progress

Professional Feature

Automated re-scan verification is available on Professional and Enterprise plans.

Task Management

Task List

View all remediation tasks with:

ColumnDescription
FindingVulnerability being remediated
SeverityCritical, High, Medium, Low
AssigneeTeam member responsible
Due DateTarget completion date
StatusOpen, In Progress, Pending Verification, Closed

Filtering

Filter tasks by:

  • Status
  • Severity
  • Assignee
  • Due date
  • Overdue only

Sorting

Sort by:

  • Due date (default)
  • Severity
  • Assignee
  • Created date

AI Remediation Guidance

CyberOrigen's AI provides detailed fix instructions for each task.

Accessing Guidance

  1. Open a remediation task
  2. Click View AI Guidance
  3. Review step-by-step instructions

Guidance Includes

  • Description: What the vulnerability is and why it matters
  • Impact: Business and security risk
  • Steps: Detailed remediation instructions
  • Code Examples: Before/after code samples
  • Verification: How to confirm the fix works
  • Resources: Links to relevant documentation

Example 

Task: Fix SQL Injection in User API

Description:
The /api/users endpoint is vulnerable to SQL injection
through the user_id parameter, allowing attackers to
extract or modify database contents.

Impact: Critical
- Data breach potential
- Compliance violation (SOC 2, PCI-DSS, HIPAA)
- Reputation damage

Remediation Steps:

1. Replace string concatenation with parameterized queries:

   # Before (vulnerable)
   query = f"SELECT * FROM users WHERE id = {user_id}"

   # After (secure)
   query = "SELECT * FROM users WHERE id = %s"
   cursor.execute(query, (user_id,))

2. Add input validation:

   def validate_user_id(user_id):
       if not isinstance(user_id, int):
           raise ValueError("Invalid user ID")
       if user_id < 1:
           raise ValueError("User ID must be positive")
       return user_id

3. Deploy and test

Verification:
- Run CyberOrigen re-scan
- Test manually with payloads: ' OR '1'='1, 1; DROP TABLE users--
- Verify application still functions correctly

Integration with Ticketing

Built-in Tickets

CyberOrigen includes Peppermint ticketing system:

  1. Remediation tasks sync with tickets
  2. Comments and status stay synchronized
  3. Full audit trail maintained

External Integrations

Connect to your existing ticketing system:

  • Jira: Bi-directional sync (Professional+)
  • GitHub Issues: Create issues from tasks (Professional+)
  • Custom Webhook: POST to any endpoint

Professional Feature

Jira and GitHub integration requires a Professional or Enterprise subscription.

SLA Tracking

Monitor remediation performance against SLAs:

SeveritySLA TargetYour Average
Critical48 hours36 hours ✅
High7 days5 days ✅
Medium30 days28 days ✅
Low90 days45 days ✅

SLA Alerts

Configure alerts when:

  • Task approaching due date
  • Task overdue
  • SLA breach risk

Reporting

Generate remediation reports:

  • Status Report: Current state of all tasks
  • Trend Report: Remediation velocity over time
  • SLA Report: Performance against targets
  • Team Report: Per-assignee metrics

API Access

bash
# List remediation tasks
GET /api/v1/remediation?status=open

# Get task details
GET /api/v1/remediation/{task_id}

# Update task
PATCH /api/v1/remediation/{task_id}
{
  "status": "in_progress",
  "notes": "Working on fix"
}

# Request verification
POST /api/v1/remediation/{task_id}/verify

See API Reference for full documentation.

Best Practices

  1. Assign Immediately: Don't leave tasks unassigned
  2. Set Realistic Dates: Use severity-based SLAs
  3. Follow AI Guidance: Use provided remediation steps
  4. Test Thoroughly: Verify fixes before marking complete
  5. Document Work: Add notes explaining what was done
  6. Track Metrics: Monitor remediation velocity

Agentic AI-Powered Security & Compliance

Copyright 2025 CyberOrigen. All rights reserved.