Skip to main content

Define Your Team's Service-Level Agreement

Mondoo measures your team's security improvement performance against your service-level agreement (SLA). On your space dashboard, a chart compares your committed time to remediate security findings against the actual mean time your team takes.

SLA and MTTR on a Mondoo space dashboard

Mondoo breaks down your SLA by risk score. It shows:

  • Your mean time to remediate findings (MTTR) from when they're first discovered

  • The number of findings that are past their SLA date and still not remediated

  • The number of findings that are not yet remediated and have an SLA date approaching

These are the default commitments for remediating findings, based on risk score:

Risk scoreDays to remediateDays until approaching
Critical3023
High3023
Medium6053
Low9083

Mondoo lets you customize the SLA to match your business goals. Define the SLA in the space settings.

note

Only team members with Editor or Owner access can perform this task.

  1. Navigate to the space in which you want to customize your SLA.

  2. In the left navigation, select Settings. Then select the Security Model tab.

    SLA configuration in Mondoo

  3. For each risk score, type a number or use the arrows to define:

    • How many days from discovery does your team commit to remediating the finding?

    • How many days after discovery do you want Mondoo to consider the SLA date approaching and warn you on the space dashboard?

:: Tip

If you type new numbers, be sure to press ENTER or TAB after typing to save the change.

::