Remediation Plans

Remediation Plans

For tracked issues, AI analysis can generate comprehensive remediation plans with step-by-step instructions to help you fix the underlying vulnerability.

What Is a Remediation Plan

A remediation plan is a structured set of instructions that walks you through fixing a specific security issue. Unlike a simple "what to do" recommendation, a remediation plan includes:

• Prerequisites — What you need before starting (access, tools, backups).
• Step-by-step instructions — Detailed actions to take, in order.
• Verification steps — How to confirm the fix was applied correctly.
• Rollback guidance — What to do if the fix causes problems.

Generating a Remediation Plan

1. Navigate to the issue you want to remediate.
2. Click AI Analysis on the issue.
3. The AI will generate a remediation plan based on the vulnerability type, affected assets, and available evidence.

Example: Exposed SSH with Outdated Version

For an issue about an exposed SSH service running an outdated version, the remediation plan might include:

1. Back up your current SSH configuration.
2. Update the SSH package to the latest version using your OS package manager.
3. Review and harden the SSH configuration (disable root login, use key-based authentication, change default port if appropriate).
4. Restart the SSH service.
5. Test connectivity to confirm the service is working.
6. Run a manual scan in FortWatch to verify the finding is resolved.

Multi-Asset Remediation

When an issue affects multiple assets, the remediation plan will note this and provide guidance that accounts for all affected targets. In some cases, the fix may need to be applied on each asset individually; in others, a single configuration change (e.g., at the load balancer level) may address all affected assets at once.