Skip to main content

Remediations Page

The Remediations page provides a comprehensive view of all ongoing efforts to fix security vulnerabilities across your organization. Remediations can be fully automated by the Backline agents or in Hybrid mode, which requires your collaboration with the agents. Take action, track progress, priorities, and the status of automated and hybrid remediation activities.

What You’ll See

Remediation Metrics

The top of the page displays key metrics:
  • Total active remediations and distribution by mode
  • SLA Violations
  • Associated Vulnerabilities to be resolved by existing remediations
  • Resolved remediations over time
  • Median Time to Remediate in the last 30 days

Remediation List

Each remediation is displayed as a card showing:
  • Title: Description of what’s being fixed
  • Type: Vulnerability type being addressed
  • Mode: Remediation approach (Automated or Hybrid)
  • Priority: Importance level for this remediation
  • Repository: Repository where the fix is being applied
  • Assigned Vulnerabilities: Number of vulnerabilities this remediation addresses
  • Creation Date: When the remediation was initiated
  • SLA Status: Compliance with resolution timelines
  • Active Agent: AI agent working on this remediation (if applicable)
  • Status: Current state (In Progress, Pending Approval, Resolved, etc.)

Remediation Modes

Automated

Backline’s AI agents automatically create and submit fixes.

Hybrid

AI-suggested fixes that require human review and approval.
Hybrid mode remediations will display an Action Required button when they need your attention.
Quickly find specific remediations using these filter options:
  • Text Search: Search by remediation title or description
  • Mode: Filter by remediation mode (Automated or Hybrid)
  • Priority: Show specific priority levels
  • Repository: Filter by repository name
  • Time to SLA: Filter by SLA compliance time
  • Status: Filter by current remediation status

Working with Remediations

Viewing Details

Click on any remediation card to open a detailed drawer with multiple tabs:
  1. Details: Complete information about the remediation
  2. Packages: List of affected packages and dependencies
  3. Vulnerabilities: All vulnerabilities addressed by this remediation
  4. Remediation Plan: Step-by-step plan for implementing the fix

Taking Action

From the remediation drawer, you can:
  • Review proposed changes and fixes
  • Access associated pull requests
  • Monitor remediation progress
  • View the complete list of vulnerabilities being resolved
  • Follow the AI agent’s work in real-time from the Remediation Plan tab (for automated remediations)
1

Access the Page

Click Remediations in the main navigation menu.
2

Browse or Filter

Scroll through the list or use filters to find specific remediations.
3

View Details

Click on any remediation card to see comprehensive information and track progress.
4

Take Action

For Hybrid mode remediations, review and approve suggested fixes using the Action Required button.

Understanding Priorities

Remediations are prioritized based on:
  • Severity of vulnerabilities being addressed
  • Number of affected systems
  • SLA requirements
Focus on high-priority remediations first to maximize the security impact of your team’s efforts.

Pull Request Integration

When remediations generate pull requests, you’ll see:
  • Direct links to PRs in your SCM platform
  • Ability to review changes before merging
Automated remediations create pull requests that your team can review and merge following your standard development workflow.

Code Owners

During the remediation process, Backline’s AI agents automatically identify the most relevant code owners based on the scope of the remediation. This ensures the right people are notified and can take action on security fixes.

How Code Owner Identification Works

When a remediation is created, the agents analyze:
  • Files affected by the vulnerability
  • Recent contributors to the codebase
  • Code ownership patterns
  • Historical commit data
The system then lists the top owners identified for the remediation with confidence scores indicating how likely they are the right owners.

Automatic Assignment

If an identified owner has a confidence score greater than 85%, they will be automatically assigned to the remediation.

Managing Code Owners

You can view and manage code owners directly from the remediation details:
1

Open Remediation Details

Click on any remediation card to open the detailed drawer.
2

View Code Owners Section

In the Details tab, scroll to the Code Owners section to see the list of assigned owners.
3

Click Manage Owners

Click the Manage Owners button to open the code owner management screen.
4

Review and Modify

In the management screen, you can:
  • View all owners and candidate owners identified by the agent
  • Remove existing owners
  • Assign identified candidates as owners
  • Manually add new owners by entering their information
5

Save Changes

Once you’ve made your changes, save to update the remediation’s code owner assignments.

Adding Owners Manually

If the AI agents didn’t identify any code owners, or if you need to add additional owners:
  1. Open the Manage Owners screen from the remediation details
  2. Click Add Owner or similar option
  3. Enter the owner’s information (name, email, or username)
  4. Save your changes
Properly assigned code owners ensure faster review and approval of security fixes, especially for Hybrid mode remediations.

Code Owner Candidates

The management screen shows both:
  • Assigned Owners: Currently responsible for this remediation
  • Candidates: Other potential owners identified by the AI with their confidence scores
You can promote candidates to owners if they’re more appropriate for the specific remediation.
Code owner assignments help streamline your security workflow by ensuring the right team members are involved in reviewing and approving security fixes.