PMAP field notes

Field notes on running vulnerability management

Practical writeups on scan orchestration, finding correlation and remediation lifecycle, published by the practitioners who run vulnerability management on the platform, not by a marketing desk.

Practitioner-authored
Multi-vendor grounded
Triage to closure

Vulnerability Management February 10, 2026

Assessment Runs and Scan Campaigns Inside a Project

Split an engagement into numbered waves, launch multi-scanner campaigns and read the completion delta. See how PMAP runs assessment campaigns.

By PMAP Security Team Read post
Vulnerability Management February 8, 2026

Async Report Generation in PDF, DOCX and HTML

Generate branded vulnerability reports in PDF, DOCX or HTML from templates, async and versioned, on schedule. See how PMAP builds deliverables.

By PMAP Security Team Read post
Vulnerability Management February 7, 2026

Sharing Reports Securely With Tokens, Passwords and Signing

Share vulnerability reports without accounts using random tokens, optional passwords, expiry and SHA-256 signing with QR verification. See PMAP.

By PMAP Security Team Read post
Vulnerability Management February 5, 2026

Smart Match: Auto-Linking Findings to a Vuln Template Library

Auto-link every finding to a vuln template with a 4-stage CVE, plugin key and fuzzy match engine that backfills enrichment. See how PMAP matches.

By PMAP Security Team Read post
Vulnerability Management February 4, 2026

Running Remediation Campaigns From Draft to Done

Group findings into a governed campaign, bulk-assign owners and track closure rate from draft to completed. See how PMAP drives remediation.

By PMAP Security Team Read post
Vulnerability Management February 2, 2026

Static and Dynamic Asset Groups With Live Rule Preview

Build reusable scan scopes with static groups or rule-driven dynamic groups that self-heal as inventory changes. See how PMAP groups assets.

By PMAP Security Team Read post
Vulnerability Management February 1, 2026

Importing 20+ Scanners Into One Correlated Finding Set

Ingest Nessus, Qualys, Rapid7, DAST, SAST and SCA into one deduplicated finding set with cross-scanner correlation. See how PMAP unifies imports.

By PMAP Security Team Read post
Vulnerability Management January 30, 2026

MFA, LDAP and Session Management for Operator Teams

Enforce TOTP MFA, sign in via LDAP or AD, rotate JWT sessions and cap concurrent logins. See how PMAP secures operator team access.

By PMAP Security Team Read post
Vulnerability Management January 29, 2026

RBAC Roles and Scoped Grants Without Over-Provisioning

Build least-privilege roles from a 10x6 permission matrix and grant them at global, company or project scope with expiry. See how PMAP scopes access.

By PMAP Security Team Read post