Automatic Remediation Planning
Build a Patching Plan For Your Engineers
- Myrror’s Remediation Plan Generator considers vulnerabilities in transitive dependencies and calculates all the newly-introduced vulnerabilities while performing a patch, and helps you choose the best plan for your patching process.
Patching Causes Regressions
Your transitive dependencies are the main contributors to the number of vulnerabilities in your code base. And when upgrading or downgrading a package in order to patch a vulnerability, new vulnerabilities might be introduced.
In many cases, the underlying risk associated with patching a specific issue might be greater than the risk the vulnerability represents. For example, a critical issue is introduced due to the patching of a medium-severity issue, and it lies in the transitive dependency.
Pre-remediation Regression Detection
Myrror examines every potential “regression” vulnerability that might be introduced to the codebase when suggesting a fix.
By analyzing the graph of possible regressions, Myrror provides a thorough and complete assessment of the risks associated with remediation, in direct and indirect vulnerabilities.
Automatic Remediation Plan Generator
Considering all potential regressions, Myrror then creates a remediation plan automatically that creates as few regressions as possible.
By planning for remediation in advance, you’re making sure you won’t be backfiring another flood of vulnerabilities as soon as the new version is deployed.
How it Works
Step 1
Myrror identifies the actions required to remediate the vulnerability and suggests a fix, including the package version’s impact on the outcome.
Step 2
Myrror calculates the optimal order to patch in to ensure the lowest number of new vulnerabilities is introduced into the codebase.
Step 3
Myrror generates a concrete action plan for remediation, taking into consideration all the newly-introduced vulnerabilities along the way, taking into account direct and transitive dependencies.
