Define Your Team's Service-Level Agreement
Set targets for how quickly your team commits to remediating findings, and track real performance against them.
A service-level agreement (SLA) in Mondoo is a target for how quickly your team commits to remediating security findings. Mondoo tracks your team's actual mean time to remediate (MTTR) and compares it against the targets you've set, so you can see how you're doing at a glance.
For how those findings are prioritized and driven to resolution, see Track and fix findings.
To review SLA performance, open the SLAs page: in the left navigation, under Findings, select SLAs.

The page lists every finding that has an SLA and shows, for each one:
- Its SLA Status, flagging findings that are overdue or approaching their target.
- Whether the finding is At Risk or already Overdue.
- The affected assets and when the finding was first detected.
Default targets
| Risk score | Days to remediate | Days until approaching |
|---|---|---|
| Critical | 30 | 23 |
| High | 30 | 23 |
| Medium | 60 | 53 |
| Low | 90 | 83 |
Customize the targets
-
Navigate to the space.
-
In the left navigation, expand Security Model, then select Service Level Control.

-
For each risk score, set two numbers:
- Days to remediate is how long your team has to fix a finding before it's past SLA.
- Days until approaching is when Mondoo starts flagging a finding on the SLAs page as approaching its SLA date.
Press ENTER or TAB after typing a new number, or Mondoo won't save the change.