Define Your Team's Service-Level Agreement
Mondoo measures your team's security improvement performance against your service-level agreement (SLA). On your space dashboard, a chart compares your committed time to remediate security findings against the actual mean time your team takes.
Mondoo breaks down your SLA by risk score. It shows:
-
Your mean time to remediate findings (MTTR) from when they're first discovered
-
The number of findings that are past their SLA date and still not remediated
-
The number of findings that are not yet remediated and have an SLA date approaching
These are the default commitments for remediating findings, based on risk score:
| Risk score | Days to remediate | Days until approaching |
|---|---|---|
| Critical | 30 | 23 |
| High | 30 | 23 |
| Medium | 60 | 53 |
| Low | 90 | 83 |
Mondoo lets you customize the SLA to match your business goals. Define the SLA in the space settings.
Only team members with Editor or Owner access can perform this task.
-
Navigate to the space in which you want to customize your SLA.
-
In the left navigation, select Settings. Then select the Security Model tab.
-
For each risk score, type a number or use the arrows to define:
-
How many days from discovery does your team commit to remediating the finding?
-
How many days after discovery do you want Mondoo to consider the SLA date approaching and warn you on the space dashboard?
-
:: Tip
If you type new numbers, be sure to press ENTER or TAB after typing to save the change.
::