Product Update

New Feature: Automated Vulnerability Remediation

December 5, 2024 5 min read ThinSky Product Team

We're excited to announce our most requested feature: automated vulnerability remediation. Starting today, ThinSky Managed OpenVAS customers can automatically patch vulnerabilities with a single click - reducing mean time to remediation from days to minutes.

Key Benefit

Reduce remediation time by 90% - patch critical vulnerabilities in minutes instead of days.

The Problem We're Solving

Traditional vulnerability management follows a frustrating cycle:

  1. Scan discovers vulnerabilities
  2. Report generated and sent to IT team
  3. IT team manually reviews findings
  4. Patches researched and tested
  5. Change request submitted
  6. Patches deployed during maintenance window

This process typically takes 15-30 days for critical vulnerabilities. That's 15-30 days of exposure to known attack vectors.

How Automated Remediation Works

1. Intelligent Vulnerability Mapping

When OpenVAS discovers a vulnerability, our system automatically:

  • Maps the CVE to available patches
  • Identifies the appropriate package manager (apt, yum, Windows Update)
  • Determines dependencies and potential conflicts
  • Assesses remediation risk based on system criticality

2. One-Click Remediation

From the ThinSky dashboard, you can:

  • View all remediable vulnerabilities
  • Select individual findings or bulk remediate
  • Preview exact commands that will be executed
  • Initiate remediation with approval workflow

3. Safe Execution

Every remediation action includes:

  • Pre-execution system snapshot (where applicable)
  • Staged rollout for large deployments
  • Real-time progress monitoring
  • Automatic rollback on failure
  • Post-remediation verification scan

Supported Remediation Actions

Package Updates

Automatic patching for:

  • Debian/Ubuntu (apt)
  • RHEL/CentOS/Rocky (yum/dnf)
  • Windows Server (Windows Update)
  • Docker containers (image rebuilds)

Configuration Changes

Automated fixes for:

  • SSL/TLS configuration issues
  • Insecure service configurations
  • File permission problems
  • Missing security headers

Service Restarts

Coordinated restarts with:

  • Graceful shutdown handling
  • Load balancer integration
  • Health check verification

Approval Workflows

We understand that not all patches should be applied automatically. That's why we've built flexible approval workflows:

  • Auto-approve low risk - Apply security patches automatically for non-critical systems
  • Require approval for production - Route production changes through your change management process
  • Emergency override - Expedite critical patches with appropriate authorization

Integration with Existing Tools

Automated remediation integrates with your existing workflow:

  • Ticketing - Automatic ticket creation in Jira, ServiceNow
  • Chat - Notifications to Slack, Microsoft Teams
  • CMDB - Asset updates after remediation
  • Compliance - Audit trail for compliance requirements

Getting Started

Automated remediation is available now for all ThinSky Managed OpenVAS customers at no additional cost. To enable it:

  1. Log in to your ThinSky dashboard
  2. Navigate to Settings > Remediation
  3. Enable automated remediation
  4. Configure your approval workflows
  5. Start remediating!

What's Next

This is just the beginning. Our roadmap includes:

  • Application-level patching (Java, .NET, Node.js)
  • Cloud infrastructure remediation (AWS, Azure, GCP)
  • AI-powered prioritization based on threat intelligence
  • Custom remediation playbooks

Ready to Automate Your Vulnerability Management?

See automated remediation in action with a free demo.

Learn About Managed OpenVAS