The Vulnerability Details Page provides a full view of a specific vulnerability, including its metadata, remediation efforts, related assets, and status. This is where the work of managing and resolving a vulnerability takes place.
Users access this page by clicking on a vulnerability from the Vulnerability Management table.
Purpose
This page is designed to help users:
Review complete information about the vulnerability
Track its lifecycle status
Document mitigation actions
Link related systems, datasets, risks, and incidents
Maintain traceability and team collaboration
Key Sections
Overview & Classification
At the top of the page, users can see:
Status (e.g., Detected, Mitigated, Verified)
Risk Rating
Environment (e.g., Production)
Confidentiality level
Dates & Assignment (Created, Discovered, Last Updated, Owner)
Description & Details
Description – Plain-language summary of the vulnerability
Exploitability Details – Information about how the issue could be exploited
Business & Regulatory Impact – Notes about how this issue could affect operations or compliance
Technical Details – Any technical information necessary for resolution
Remediation Information
Mitigation Actions – What is being done to address the issue
Verification Evidence – Proof that a fix or control has been implemented
Residual Risk – Notes on any remaining risk after mitigation
Compliance Notes – Internal commentary relevant to auditors or regulators
Related Assets
Found under the Related Assets tab, users can link the vulnerability to:
AI Systems – Systems affected by this vulnerability
Datasets – Impacted datasets
Related Incidents – Any recorded incidents connected to this issue
Related Risks – Risk register entries that reference this vulnerability
Each of these asset types can be linked directly using the Add buttons.
Status Workflow (Triage Actions)
From the page’s action menu, users can move the vulnerability through its lifecycle by updating its status:
Mark as Detected
Mark as Triaged
Mark as Categorized
Mark as Remediation Planned
Mark as In Remediation
Mark as Mitigated
Mark as Verified
Mark as Risk Accepted
Mark as Reopened
These status options support structured tracking of the triage and remediation process.
Change History & Comments
Change History – A chronological log of all edits, status changes, and updates made to the vulnerability
Comments – A collaboration space for internal discussion, questions, and notes
Notes
This page is the central location for managing a single vulnerability from detection through resolution
Status updates are important for tracking progress and triggering handoffs between teams
All linked assets and change history remain attached to the vulnerability for audit and reporting purposes