Organizations tend to have an accepted timeline across dev/infra teams to fix vulnerabilities after they have been identified/reported. SLA policy on Strobes allows you to define a timeframe for your IT, development, and patch management teams to resolve vulnerabilities on time. This can be defined on the basis of the severity of the vulnerabilities. Generally, the standard is 2,15 and 30 days for critical, high, and low vulnerabilities respectively. The benefit of configuring this policy within Strobes is that, if you have setup an email alert for 'Weekly Insights' and 'Due Date Violation', Strobes will send you an email every week about the status of vulnerabilities which will contain the SLA status, and you will also receive a mail when the SLA policy for a vulnerability has been violated. More about 'Email Alerts' here.
To configure the SLA policy, visit the SLA configuration under Settings and click on Edit to proceed. Enter the time as per your organization's standard.
Now for any vulnerability that gets reported onto the platform (which has either a Critical, High or Medium severity), SLA is added. That includes:
- Vulnerability age: How long has the vulnerability been living in the system since its discovery
- Due date: Time remaining to resolve the vulnerability
- SLA status: Whether a vulnerability is in Compliant or Violated state based on the due date
Please note that the SLA timeline starts only when the vulnerability gets into an Active state. More about states here.
If you have to view the SLA status of more than one vulnerability, you can apply a 'Filter' under the 'Vulnerability Management' page. The following is a demonstration on how to apply the filter to view the SLA status.
- Navigate to the 'Vulnerability Management' page after selecting an 'Asset' and the click on 'Filters' as shown below.
- Now select the first field as 'SLA Status' from the dropdown, the second field as 'is' and the third field as 'Compliant' or 'Violated' based on what you need to see.
- The filter will get applied and you will now be able to view the SLA status for the vulnerabilities of the selected Asset.