Skip to content

Remediate CVEs with Klowd

Resolving vulnerabilities quickly is critical to securing your application and achieving/maintaining authorization. To eliminate the guesswork from patching, our AI assistant, Klowd, can automatically generate a tailored remediation plan for Packages and Common Vulnerability and Exposure (CVE) detected in your application.

This guide walks you through accessing and utilizing these plans to secure your code efficiently.

How to access a remediation plan

  1. Log in to Game Warden and navigate to Findings.
  2. Select the CVEs tab. You can view results by Package (all CVEs in a given package) or by Vulnerability (all packages affected by a given CVE).
  3. For each affected package, click View Plan to open its remediation plan. Note that initial generation may take up to two minutes.

Review the remediation plan

Each remediation plan is organized into interactive toggles. Click any toggle to expand it and view the crucial details inside:

Toggle / Section Description
Mitigation Plan This is the core of the remediation strategy. It provides clear, actionable instructions on how to resolve the vulnerability. Inside this tab, you will find:
  • Confidence: Klowd's confidence level in the proposed fix (e.g., HIGH).
  • Action: The primary step required (e.g., upgrade, patch).
  • Target Version: The specific package or software version needed to resolve the CVEs.
  • Details: Step-by-step technical instructions for applying the fix, from identifying affected assets to rolling out the updates.
Responsible Party Identifies the specific role or team (e.g. Application Owner, Platform Operator, Shared) that is best suited to own and execute this specific remediation task.
Priority An AI-assessed urgency level to help your team understand where this fix belongs in your current sprint or backlog. Possible values are: Critical, High, Medium, Low
Effort An estimation of the time and resources required to implement the fix, helping you plan your team's workload effectively.
Risk of Change An assessment of the potential impact the fix might have on your application's stability (e.g., the likelihood of an upgrade breaking existing functionality).
Verification Steps Clear, actionable instructions on how to test your environment post-remediation to prove that the vulnerability has been successfully resolved.
References Direct links to official security advisories, CVE databases, and vendor release notes for further reading and verification.

Klowd is evolving—share your feedback

Got a thought? If Klowd generates a highly effective remediation plan (or a confusing one), please use the thumbs up/down icons at the bottom of the module. We are building Klowd for you, so let us know how we can make it better!