# How to resolve Sprinto check for resolving vulnerability within the SLA

Sprinto allows you to define and manage remediation SLAs for vulnerability-related automated checks. These SLAs determine how long vulnerabilities can remain unresolved before tasks move through **Due**, **Critical**, and **Failing** states and trigger escalations.

This article explains how to **view and update SLA timelines for vulnerability checks** using the latest Monitoring experience in Sprinto.

{% hint style="info" %}
SLA configuration is currently supported for a limited set of vulnerability checks. Availability depends on the check type.
{% endhint %}

***

#### What you can configure

For supported vulnerability checks, you can configure:

* The **time allowed to resolve vulnerabilities** for each severity level:
  * Critical
  * High
  * Moderate
  * Low
* When a task:
  * Becomes due
  * Escalates
  * Breaches the SLA and moves to a failing state

Each severity level is configured **independently**.

The following checks get activated upon vulnerability detection based on your integrated monitoring service on Sprinto:

<table><thead><tr><th width="194.4609375">Monitoring service</th><th>Sprinto check</th></tr></thead><tbody><tr><td>Dependabot</td><td>Dependabot vulnerability alert should be resolved within SLA</td></tr><tr><td>SLScan</td><td>SLScan vulnerability alert should be resolved within SLA</td></tr><tr><td>AWS Inspector</td><td>AWS Inspector vulnerability alert should be resolved within SLA</td></tr><tr><td>Google Security Center</td><td>Google Security Center vulnerability alert should be resolved within SLA</td></tr><tr><td>SonarQube</td><td>SonarQube vulnerability alert should be resolved within SLA</td></tr><tr><td>RapidFort</td><td>RapidFort vulnerability alert should be resolved within SLA</td></tr><tr><td>SonarCloud</td><td>SonarCloud vulnerability alert should be resolved within SLA</td></tr><tr><td>Semgrep</td><td>Semgrep vulnerability alert should be resolved within SLA</td></tr></tbody></table>

#### Before you begin

* You must have access to the **Monitoring** module.
* The vulnerability check must be **enabled** and actively monitoring entities.
* SLA settings apply to **all tasks created by the selected check**.

***

### Update SLA for a vulnerability check (recommended path)

This is the primary and most direct way to manage SLAs.

#### Step 1: Go to Monitoring

1. Log in to the Sprinto dashboard.
2. Navigate to **Monitoring** from the left navigation.
3. Go to the **Automated checks** tab.

<figure><img src="/files/5oUz7cgIxBFvcdMDperX" alt="" width="563"><figcaption></figcaption></figure>

***

#### Step 2: Filter for vulnerability checks

1. Use the **Area** filter.
2. Select **Vulnerabilities**.

This displays all vulnerability-related automated checks that support SLA configuration.

<figure><img src="/files/IA4sS08iYpGfk79tqITa" alt="" width="563"><figcaption></figcaption></figure>

***

#### Step 3: Open the required check

1. Select the vulnerability check you want to update (for example, *AWS Inspector vulnerability alert should be resolved within SLA*).
2. You are taken to the **check details page**.

<figure><img src="/files/UEGdc0HtlTHqitAQnjdM" alt="" width="563"><figcaption></figcaption></figure>

***

#### Step 4: Edit SLA by severity

1. Scroll to **Tasks created by this check**.
2. Expand the drawer for the required severity:
   * Critical
   * High
   * Moderate
   * Low
3. Locate the **SLA breach duration**.
4. Click the **Edit** icon next to the duration.

<figure><img src="/files/ZLvWfVnDNhlGI8nFyUNV" alt="" width="563"><figcaption></figcaption></figure>

***

#### Step 5: Update the SLA

1. In the **Manage tasks SLA** drawer:
   * Update the number of days for remediation.
   * Review how the task lifecycle is calculated:
     * Due period
     * Escalation timing
     * SLA breach
2. Click **Save**.

<figure><img src="/files/WHO1V8P4glUHjCvCc7Vj" alt="" width="563"><figcaption></figcaption></figure>

Repeat these steps for each severity level you want to update.

***

### Alternate entry path: From the Vulnerabilities context

You can also reach the same SLA configuration from a vulnerability record.

#### How this works

1. Navigate to **Data Library → Vulnerabilities**.
2. Open any vulnerability that is linked to an automated SLA-based check.
3. Select the associated check.

<figure><img src="/files/7XcdV2dYbG8YKIp13QCm" alt="" width="563"><figcaption></figcaption></figure>

4. You are taken to the Check Details page.
5. Repeat the same steps from [here](#step-4-edit-sla-by-severity).

{% hint style="info" %}
Both entry paths lead to the **same SLA configuration screen**.
{% endhint %}

***

#### Important notes

* SLA edits affect **all tasks generated by that check**, not individual vulnerabilities.
* If a check is disabled or has no monitored entities, SLA editing options may not be visible.
* Changes take effect immediately for newly evaluated tasks.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sprinto.com/monitors/vulnerability-and-security-monitors/how-to-resolve-sprinto-check-for-resolving-vulnerability-within-the-sla.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.