BLACKSHIELD

Public Guide

Review and Prioritize Findings

Prioritize remediation using risk, exploitability, ownership, and tenant policy tuning so teams fix what matters first. Audience: Security triage teams, engineering leads, and service owners. Typical setup time: Ongoing, daily review recommended.

Start herejourney

Use this if

Prioritize remediation using risk, exploitability, ownership, and tenant policy tuning so teams fix what matters first.

Audience
Security triage teams, engineering leads, and service owners
Typical time
Ongoing, daily review recommended

Start here

Step 5 of 6

Recommended
1
2
3
4
5
6

Before You Begin

  • Confirm you have access to Findings, Trends, and ownership assignment actions.
  • Align severity-to-deadline policy with engineering leads before triage.
  • Decide escalation path for KEV and internet-exposed critical findings.

Do this now

Step 1

Triage highest-risk findings first

Use risk score and exploit context to build an actionable queue.

  • Sort findings by risk score as your default triage view.
  • Use KEV and severity filters to isolate urgent vulnerabilities.
  • Run Adversarial Exposure Validation (AEV) on-demand for the top queue and review validated/not-validated outcomes.
  • Filter by AEV state to separate immediately exploitable paths from inconclusive candidates.
  • Review affected assets to identify production or internet-facing impact.

What success looks like

Review affected assets to identify production or internet-facing impact.

Open Findings Table · Sign-in required

Step 2

Assign ownership and deadlines

Every finding should have one accountable owner and a target resolution date.

  • Assign findings to service owners from impacted teams.
  • Set due dates aligned to your internal SLA policy.
  • Capture remediation notes and fix version targets.

What success looks like

Capture remediation notes and fix version targets.

Open Findings Table · Sign-in required

Step 3

Tune tenant scoring policy safely

Use simulation before publishing weight changes so queue movement is intentional and auditable.

  • Open `/findings/risk-scoring` and review the current tenant policy version.
  • Run a simulation to inspect projected score, rank, and priority changes before publishing.
  • Record a change summary for every publish and use rollback if the new ordering does not match operating expectations.

What success looks like

Record a change summary for every publish and use rollback if the new ordering does not match operating expectations.

Open Risk Scoring Studio · Sign-in required

Step 4

Track closure and recurring drift

Monitor trend movement to verify risk is declining over time.

  • Review trend and backlog metrics at least weekly.
  • Track reopened findings and recurring high-severity issues.
  • Escalate overdue remediation items in operating reviews.

What success looks like

Escalate overdue remediation items in operating reviews.

Open Trends · Sign-in required

What success looks like

  • Each critical/high finding has an accountable owner and due date.
  • Weekly trend review shows decreasing open high-risk backlog.
Review and Prioritize Findings | BlackShield Docs