How to resolve the Sprinto check for resolving vulnerabilities within the SLA

About

Sprinto's vulnerability management checks prompt users to address detected vulnerabilities within the defined Service Level Agreement (SLA), as compliance requirements demand. Resolving findings on time removes known vulnerabilities from infrastructure systems and reduces the attack surface, which improves the overall security of the infrastructure.

How the check works

After you integrate and configure an infrastructure monitoring source in Sprinto's Vulnerabilities section, every vulnerability that source detects is pulled into Sprinto. Sprinto assigns a corresponding check to each vulnerability, and the check remains active with a status of Low, Moderate, High, or Critical (matching the vulnerability's severity) until the vulnerability is addressed.

The following checks are activated upon vulnerability detection, depending on which monitoring service you have integrated with Sprinto:

Monitoring service        Sprinto check
Dependabot                Dependabot vulnerability alert should be resolved within SLA
SLScan                    SLScan vulnerability alert should be resolved within SLA
AWS Inspector             AWS Inspector vulnerability alert should be resolved within SLA
Google Security Center    Google Security Center vulnerability alert should be resolved within SLA
SonarQube                 SonarQube vulnerability alert should be resolved within SLA
RapidFort                 RapidFort vulnerability alert should be resolved within SLA
SonarCloud                SonarCloud vulnerability alert should be resolved within SLA
Semgrep                   Semgrep vulnerability alert should be resolved within SLA

How to fix the check

To resolve an activated check, you can take one of the following actions:

  • Resolve it from the source: When the detected vulnerability is relevant and affects the security of the infrastructure system, fix it directly in the monitored infrastructure service. Once it is resolved there, Sprinto detects the change and automatically sets the vulnerability check status to "Passing". Note: Sprinto refreshes integration data every 24 hours, so allow up to 24 hours for the check status to update.

  • Mark the vulnerability as a special case: If the detected vulnerability does not directly affect the security of in-scope infrastructure entities, or if resolving it will take longer than the defined SLA and you do not want the assigned check to fail, you can mark the vulnerability as a special case. Special-case vulnerabilities are clearly highlighted in the compliance audit. You can mark a vulnerability as a special case permanently or temporarily with an expiry date; once the expiry date passes, the check is evaluated against the SLA again. Marking it as a special case sets the assigned check status to Passing. Refer to the instructions on how to mark a vulnerability as a special case for detailed guidance.
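The two sections above describe a small state machine: a finding is open and carries its severity until it is resolved at the source or marked as a special case (both give "Passing"), and the SLA clock for that severity runs from detection. The following is an added example that models that logic so you can anticipate breaches before Sprinto's 24-hour refresh; it is not Sprinto's code. The per-severity SLA durations in SLA_DAYS, the "Failing" label for a lapsed SLA, and all finding identifiers are assumptions and constructed sample values, not Sprinto defaults or real alerts (the real defaults are shown under Security Hub > Settings > Check Configuration).

```python
"""Model of the "vulnerability alert should be resolved within SLA" check.

Added example, not Sprinto's code. SLA durations, the post-SLA status label
and the sample findings below are assumptions / constructed data.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# ASSUMED SLA per severity state, in days. Sprinto's own defaults are
# configured per plan under Check Configuration > Configure SLA.
SLA_DAYS = {"Critical": 7, "High": 30, "Moderate": 60, "Low": 90}


@dataclass
class Finding:
    source: str                         # monitoring service, e.g. "Dependabot"
    identifier: str                     # constructed sample id, not a real alert
    severity: str                       # one of the SLA_DAYS keys
    detected_on: date                   # day the source reported it
    resolved_on: Optional[date] = None  # day it was fixed at the source
    # None = not a special case; a date = temporary special case with expiry;
    # date.max = permanent special case.
    special_case_until: Optional[date] = None


def sla_deadline(f: Finding) -> date:
    """Last day the finding may stay open without breaching its SLA."""
    return f.detected_on + timedelta(days=SLA_DAYS[f.severity])


def check_status(f: Finding, today: date) -> tuple[str, str]:
    """Return (status, reason) for the finding's check on a given day.

    Status is "Passing" (resolved or special case), the finding's severity
    while it is still open and inside its SLA, or "Failing" once the SLA
    has lapsed. "Failing" is an assumed label: the page does not name it.
    """
    if f.resolved_on is not None and f.resolved_on <= today:
        return "Passing", "resolved at source"
    # An expired special case falls back to normal SLA evaluation.
    if f.special_case_until is not None and today <= f.special_case_until:
        return "Passing", "marked as special case"
    deadline = sla_deadline(f)
    if today <= deadline:
        return f.severity, f"open, {(deadline - today).days} day(s) of SLA left"
    return "Failing", f"SLA breached by {(today - deadline).days} day(s)"


def summarize(findings: list[Finding], today: date) -> dict[str, tuple[str, str]]:
    """Map each finding identifier to its (status, reason)."""
    return {f.identifier: check_status(f, today) for f in findings}


def upcoming_breaches(findings: list[Finding], today: date, within_days: int) -> list[str]:
    """Identifiers of open findings whose SLA deadline falls within N days."""
    out = []
    for f in findings:
        status, _ = check_status(f, today)
        if status in ("Passing", "Failing"):
            continue  # already handled, or already breached
        if sla_deadline(f) - today <= timedelta(days=within_days):
            out.append(f.identifier)
    return out


# Constructed sample data (identifiers are invented for the example).
TODAY = date(2024, 5, 12)
LATER = date(2024, 7, 1)
SAMPLE_FINDINGS = [
    Finding("Dependabot", "DEP-SAMPLE-1", "Critical", date(2024, 5, 1)),
    Finding("AWS Inspector", "INSP-SAMPLE-2", "High", date(2024, 4, 1),
            resolved_on=date(2024, 4, 20)),
    Finding("Semgrep", "SG-SAMPLE-3", "Low", date(2024, 3, 1),
            special_case_until=date(2024, 6, 30)),      # temporary special case
    Finding("SonarQube", "SQ-SAMPLE-4", "Moderate", date(2024, 1, 10),
            special_case_until=date.max),               # permanent special case
    Finding("SonarCloud", "SC-SAMPLE-5", "High", date(2024, 4, 20)),
]

if __name__ == "__main__":
    for ident, (status, reason) in summarize(SAMPLE_FINDINGS, TODAY).items():
        print(f"{ident:14} {status:9} {reason}")
    print("due within 10 days:", upcoming_breaches(SAMPLE_FINDINGS, TODAY, 10))
    # The temporary special case lapses on 2024-06-30; by LATER it is failing.
    print("SG-SAMPLE-3 on", LATER, "->", check_status(SAMPLE_FINDINGS[2], LATER))
```

The expiry handling is the part worth noting: a temporary special case only pauses the check while the exception is valid, so a finding whose SLA lapsed during the exception window becomes failing the day the exception expires, which is the situation the "resolution will take longer than the defined SLA" bullet is meant for.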

Review or modify the SLA for Sprinto's vulnerability resolution check:

Follow the applicable section below:

Reviewing SLA

  • To review the default SLA, navigate to Security Hub > Settings > Check Configuration, and select the Configure SLA tab.

  • Click Manage next to "Vulnerability alert should be resolved within SLA" and review the default SLA for each check state (Low, Moderate, High, Critical).

Modifying Check Status Durations

Note: Custom SLAs based on vulnerability severity are available on the Professional plan and above.

  • On the check's Manage page, click Configure.

  • Modify the duration as needed, and click Save Changes to apply the changes.

Support

Get in touch with our support team if you have any questions about this Sprinto check or need assistance.
