implementing-vulnerability-remediation-sla

Featured

Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities based on severity, asset criticality, and exploit availability. Effective SLA programs

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Implementing Vulnerability Remediation SLA ## Overview Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities based on severity, asset criticality, and exploit availability. Effective SLA programs drive accountability, ensure consistent remediation timelines, and provide measurable KPIs for vulnerability management maturity. ## When to Use - When deploying or configuring implementing vulnerability remediation sla capabilities in your environment - When establishing security controls aligned to compliance requirements - When building or improving security architecture for this domain - When conducting security assessments that require this implementation ## Prerequisites - Vulnerability scanning program producing regular findings - Asset inventory with criticality classifications - Ticketing system (Jira, ServiceNow, etc.) for remediation tracking - Executive sponsorship for SLA enforcement - Cross-functional agreement from IT operations, development, and security ## Core Concepts ### SLA Framework Components 1. **Severity Classification**: CVSS base score + threat context (EPSS, KEV) 2. **Asset Tiering**: Business criticality and exposure level 3. **Remediation Timeframes**: Maximum days to remediate by category 4. **Exception Process**: Documented approval for SLA extensions 5. **Escalation Procedures**: Actions when SLAs are breached 6. **Metrics and Reporting**: KPIs for compliance tracking ### Recommended...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

building-vulnerability-aging-and-sla-tracking

Implement a vulnerability aging dashboard and SLA tracking system to measure remediation performance against severity-based timelines and drive accountability.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-vulnerability-sla-breach-alerting

Build automated alerting for vulnerability remediation SLA breaches with severity-based timelines, escalation workflows, and compliance reporting dashboards.

12,642 Updated today
mukul975
API & Backend Featured

performing-endpoint-vulnerability-remediation

Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches, applying configuration changes, and validating fixes. Use when remediating findings from vulnerability scans, responding to critical CVE advisories, or maintaining endpoint compliance with patch management SLAs. Activates for requests involving vulnerability remediation, CVE patching, endpoint vulnerability management, or security fix deployment.

12,642 Updated today
mukul975
AI & Automation Featured

performing-asset-criticality-scoring-for-vulns

Develop and apply a multi-factor asset criticality scoring model to weight vulnerability prioritization based on business impact, data sensitivity, and operational importance.

12,642 Updated today
mukul975
AI & Automation Featured

building-vulnerability-exception-tracking-system

Build a vulnerability exception and risk acceptance tracking system with approval workflows, compensating controls documentation, and expiration management.

12,642 Updated today
mukul975