
Track vulnerability remediation

Pro plan

Goal: Move a reported vulnerability through the Detected, Assessment, Decision and Resolution stages, keep the SLA status in view, and close the instance cleanly.

In Cenedril you track a vulnerability’s remediation under Documentation → Vulnerability Instances. You open an instance, move it through the Detected, Assessment, Decision and Resolution stages using the progress indicator, and keep an eye on the SLA deadline. When you close the instance, the status history records every step in an audit-proof form.

Get an overview

Open the vulnerability list

In the sidebar open Documentation and select Vulnerability Instances. The list shows every reported vulnerability with its status, severity, outcome and SLA deadline. Overdue and soon-due entries are sorted to the top.

The list with vulnerability, status, severity, outcome and SLA deadline.

Filter by progress

The All, Active and Closed tabs narrow the list. Active shows every vulnerability that is still open; Closed shows the ones already finished. This makes it easy to see what is still being worked on.

Read status and deadline

The Status column shows the current stage: Detected, Assessment, Decision, Mitigating, Deferred or Closed. The SLA Deadline column shows the time remaining; once it has elapsed, Overdue appears in red. The Outcome column shows whether the vulnerability turns into a Change Request or has been deferred to Risk Management.

Track the remediation

Open the vulnerability

Click Details in the row. The detail page shows the severity at the top, a countdown to the SLA deadline when one is active, and below it the progress indicator with the stages Detected → Assessment → Decision → Resolution → Closed.

The progress indicator moves through Detected, Assessment, Decision, Resolution and Closed.

Move between stages

Click a stage you have already reached in the progress indicator to review its content. Completed stages are selectable; future ones stay locked until the previous one is finished. This lets you re-check, for example, the affected assets or the severity recorded during Assessment.

Track Mitigating

When the decision is Mitigate Now, the resolution stage shows the linked Change Requests with status Open or Closed. Each entry links straight to the matching item in change management, so you can see whether the fix is already done there.

Keep deferred vulnerabilities in view

When a vulnerability has been deferred to Risk Management, the resolution stage shows the recorded compensating measure and a note that the finding will feed into the next management review. Enter temporary countermeasures here and save them with Save measure.

Close the instance

Close the vulnerability instance

Once the fix is in place or the handover to risk management is documented, close the instance. For Mitigate Now this happens via Create Change Request & Close or Close without Change Request; for a deferred vulnerability use Close Vulnerability Instance.

Check the closure and history

A closed instance is read-only and marked Closed with a lock icon. The Status History at the foot of the page lists every status change with the person and a timestamp and can be expanded at any time.

The status history records every status change with the person and a timestamp.

Result: the vulnerability is marked Closed, its outcome (change request or risk management) is visible in the list, and the status history documents every step of the remediation in an audit-proof form.

Frequently asked questions

Which statuses does a vulnerability move through?

Every vulnerability instance follows the stages Detected, Assessment, Decision and Resolution (Mitigating or Deferred) until Closed. The status badge in the list and the progress indicator on the detail page show where it currently stands.

What does the SLA deadline mean and when is a vulnerability overdue?

The severity sets a due date. In the list the SLA Deadline column shows the time remaining; once it runs out, “Overdue” appears in red. Overdue and soon-due entries are sorted to the top automatically.

What is the difference between “Mitigate Now” and “Defer to Risk Management”?

“Mitigate Now” creates a change request and tracks the fix through change management. “Defer to Risk Management” acknowledges the vulnerability, records a compensating measure and hands the finding to the risk management process.

Can I still change a decision I already made?

As long as the instance is not closed, the “Change decision” link in the resolution stage returns you to the Decision stage. A closed instance is read-only.

Who changed the status and when?

The status history at the foot of the detail page lists every status change with the person and a timestamp. It is always available and can be expanded.