Fully unattended Auto Remediation
Problem to solve
The Auto Remediation flow consists of two different parts:
- find the vulnerability and its solution
- apply the solution, deploy, monitor
The first part can be done automatically by a pipeline (on commit or scheduled); the second part is triggered by a manual action: users have to click on a button to create the merge request.
To complete the Auto Remediation goal (fully automated), we should find a way to auto remediate all vulnerabilities as soon as they are spotted.
- Devon, DevOps Engineer
- Sam, Security Analyst
Auto remediate vulnerabilities without any manual intervention, as soon as a new vulnerability is found.
What does success look like, and how can we measure that?
Number of vulnerabilities fixed automatically.