Defense.com's threat management tools are designed to save time by giving you the ability to manage the threats and remediation steps identified by the platform - all through a single interface.
While my.defense.com remediations offer advice on how to remediate a threat, the platform cannot carry this out for you. It is your responsibility to ensure the steps you are taking are safe to undertake for your systems and that you select the most applicable Remediation State.
Update the remediation state for one/many threats
Navigate to Threats in the navigation sidebar on the left of the screen.
Select the threat(s) you wish to update the remediation state for using the checkboxes on the left-hand side of the table.
Click Update status at the bottom of the page and select the state you'd like to update the remediations to.
Once the state has been selected, click Apply, and all remediations for the threats selected will be updated to this state.
Update individual remediation states on a single threat
Navigate to Threats in the navigation sidebar on the left of the screen.
Locate the threat you wish to update the remediation state for, and click the threat Title or click the View threat button under the Actions column.
Next, navigate to the Remediations tab.
Select the remediations you'd like to update using the checkboxes on the left-hand side.
Now, click Update status at the bottom of the page and select the state you'd like to update the remediations to.
Once the state has been selected, click Apply, and all remediations for the threats selected will be updated to this state.
Understanding Remediation States
False positive: At times the platform cannot confirm the existence of a vulnerability and instead generates a threat based on the information we have available, i.e. make, model or software versions. If this is the case and the threat created isn't valid, you can assign it the False positive status.
Threats closed in a False positive state will not be reopened if they are detected again in future.
Risk accepted: If you identify a vulnerability that poses a low risk to your system and decide that you can accept the risk, you can mark it as Risk accepted. This indicates that you have acknowledged the vulnerability but have chosen not to prioritise its remediation.
Threats closed in a Risk accepted state will not be reopened if they are detected again in future.
Compensating control: In some cases, you may not be able to fully remediate a vulnerability but can put compensating controls in place to mitigate the risk. In such cases, you can mark the vulnerability as Compensating control to indicate that you have implemented measures to minimise the risk.
Selecting Compensating control will prompt you to add a note describing how the risk has been mitigated. This will be added as a note on the threat.
Threats closed in a Compensating control state will not be reopened if they are detected again in future.
Remediated: Once a vulnerability has been addressed and resolved, you can mark it as Remediated. This indicates that the vulnerability is no longer a security threat to your system.
Threats closed in a Remediated state will be reopened if they are detected again in future. This state should only be selected if you are confident the threat has been fully resolved and no longer exists.
And that's it! You now know how to update your threat remediation states. 🎉