Overview
Backline Assistant is an in-product, context-aware AI companion designed to help you understand and investigate security insights directly inside Backline. It allows you to ask questions in natural language, explore vulnerabilities and remediations, and receive explainable answers based on:- Backline’s security knowledge base
- Your organization’s environment and findings
- Integrated external sources (when relevant)
The assistant is designed to support decision-making and investigation—not to automatically change data or perform destructive actions.
Typical Use Cases
The Assistant is accessible from the application header and is intended for open-ended questions and multi-topic investigations:- “Show me the highest-risk remediations this week”
- “Which vulnerabilities are about to breach my SLA?”
- “Show me all my remediations that are waiting for approval”
Access & Layout
Floating Mode
When a side panel is already open (Vulnerability or Remediation), the assistant appears as a floating button above it.
Conversations & History
New Chat
Selecting New Chat starts a fresh conversation. The previous conversation is automatically saved to history.Chat History
- All completed chats are stored in your Chat History panel
- You can reopen previous conversations at any time
- Chats persist across user sessions
Asking Questions
Input Behavior
| Action | Result |
|---|---|
Enter | Sends the message |
Shift + Enter | Creates a new line |
| Empty field | Send button is disabled |
Suggested Questions
When opening a new chat, the assistant may display starter suggestions:- What are the top 10 critical vulnerabilities in my environment right now?
- Which remediations are about to breach SLA or already overdue?
- Which remediations are waiting for pending approval?
Context Chips (@ Mention)
Typing@ in the input box opens a selector that allows you to attach context:
| Context Type | Description |
|---|---|
| Vulnerabilities | Attach specific vulnerabilities for focused analysis |
| Remediations | Attach remediations to discuss upgrade paths or impacts |
Rules:
- Maximum 5 chips per chat
- Searchable by title
- Context chips help the assistant provide more precise and relevant answers
Recommended Next Steps
Each assistant response ends with 1–3 recommended step chips. These help you continue your investigation efficiently.Investigation Steps
Examples of recommended actions:- “See related remediations”
- “Show dependency path”
- “Explain this CVE”
What You Can Ask
The assistant is optimized for security analysis, investigation, and triage:Vulnerability Investigation
- Exploitability explanations and evidence
- Severity reasoning
- Impact assessment
Remediation Guidance
- Breaking changes summary
- Safe upgrade paths
- Dependency analysis
Risk & Prioritization
- SLA risks
- High-impact remediations
- Priority recommendations
Environment Analysis
- Cross-repository insights
- Trend analysis
- Compliance status
Limitations
The assistant cannot:| Restriction | Description |
|---|---|
| Modify data | Cannot modify or delete vulnerabilities or remediations |
| Change settings | Cannot change SLA values or configurations |
| Cross-tenant access | Cannot perform cross-tenant analysis |
| Data boundaries | Cannot access data outside your tenant |
| Execute code | Cannot execute code or infrastructure changes |
Best Practices
Use Context Chips for Precision
Use Context Chips for Precision
When asking about specific vulnerabilities or remediations, use
@ mentions to attach them. This helps the assistant provide more accurate and relevant responses.Follow Recommended Steps
Follow Recommended Steps
Take advantage of the recommended next steps at the end of each response. They’re designed to guide you through a complete investigation workflow.
Leverage Chat History
Leverage Chat History
Don’t start from scratch every time. Reopen previous conversations to continue investigations or reference past findings.
Be Specific in Your Questions
Be Specific in Your Questions
Instead of “Show me vulnerabilities,” try “Show me critical vulnerabilities in production repositories that are about to breach SLA.”