FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Vulnerability Remediation SLAS

Go to solution
pny10x64
Newcomer

‎16 Jan 2024 02:32 PM

Hello,

Does Dynatrace publish vulnerability remediation SLAs or make information publicly available on how soon they make fixes available when a vulnerability is discovered? Specifically I am looking for information on SLAs for critical severity CVEs.  Thanks.

Labels:
0 Kudos
Reply
2 REPLIES 2

Go to solution
natanael_mendes
Champion

‎16 Jan 2024 02:52 PM

Hey @pny10x64 i found something on Dynatrace Blog

 

 

#2 Clearly defined severities and SLA’s

Severity is very important as it not only defines impact but also defines the priority and “Time until Fix is in Production”. You could also explain it as our internal Service Level Agreement (SLA) until the problem is remediated for the customer. The following shows the full remediation timeline table explaining every severity level including our SLA to remediate the problem

 

 

 

https://www.dynatrace.com/news/blog/vulnerability-management-dynatraces-data-driven-approach-to-secu...

 

 

In this Link you can see all the information that you want about SLA vulnerabilities in Dynatrace

Dynatrace Professional Certified
0 Kudos
Reply

Go to solution
Michael_Plank
Dynatrace Guide
Dynatrace Guide

‎16 Jan 2024 03:02 PM

Hi,

we have not publicly published our vulnerability remediation SLAs. Critical severity vulnerabilities (CVEs or vulnerabilities in our own code) are required to be remediated within 72 hours.

Reply
Ask a question

Featured Posts