Vulnerability & Security Monitors
Vulnerability and security monitors in Sprinto help organisations track how identified weaknesses are remediated and how ongoing security assessments are performed. These monitors cover VAPT (Vulnerability Assessment and Penetration Testing), patching timelines, and SLA-driven remediation requirements. They ensure that discovered issues are resolved promptly, evidence is available for audits, and recurring testing is properly documented.
By enabling these monitors, Sprinto continuously validates that vulnerabilities are addressed within defined timelines and that evidence of periodic assessments is captured.
What Sprinto Monitors
Sprinto checks for:
Vulnerability Remediation SLA – Ensures vulnerabilities are resolved within the organisation’s defined SLA (e.g., critical issues patched within 30 days).
VAPT Findings Resolution – Tracks whether identified vulnerabilities from penetration tests or scans are remediated with supporting evidence.
Periodic VAPT Reports – Ensures that vulnerability assessment and penetration test (VAPT) reports are uploaded at regular intervals (e.g., quarterly, annually).
Device Security Checks (Extended) – Confirms that staff devices have the required protections, such as antivirus and screen lock policies, when linked to vulnerability management evidence.
Benefits
Reduced Security Risk – Ensures vulnerabilities are addressed before they can be exploited.
Audit-Ready Evidence – Provides clear proof of remediation activities and periodic assessments.
Improved Governance – Enforces SLA-based remediation policies across teams.
Continuous Monitoring – Extends coverage to staff devices, reducing the chance of overlooked security gaps.
Supported Inputs
Sprinto collects vulnerability and assessment data from:
VAPT Reports (manual uploads)
Security tool integrations (e.g., antivirus detection, device monitors)
Remediation evidence uploaded directly in Sprinto
Next Steps
Configure your organisation’s SLA for vulnerability remediation.
Upload the latest VAPT report to Sprinto.
Ensure that remediation evidence is provided for each identified finding.
Review failing monitors and assign tasks to responsible teams.