PMAP field notes

Field notes on running vulnerability management

Practical writeups on scan orchestration, finding correlation and remediation lifecycle, published by the practitioners who run vulnerability management on the platform, not by a marketing desk.

Practitioner-authored
Multi-vendor grounded
Triage to closure

Vulnerability Management January 27, 2026

Designing Runbooks With Triggers and Actions

Build event-triggered runbooks across 16 trigger types and 22 actions with retries, circuit breakers and durable waits. See how PMAP automates ops.

By PMAP Security Team Read post
Vulnerability Management January 25, 2026

The Finding Rule Engine: AND/OR Criteria and Safe Mutations

Encode triage as no-code AND/OR rules with 8 action types, dry-run preview, approval gates and reversible mutations. See how PMAP automates triage.

By PMAP Security Team Read post
Vulnerability Management January 24, 2026

SLA Thresholds and Three-Level Escalation Routing

Set severity-to-hours SLA thresholds with company and project overrides, auto-recalculation and three-level escalation. See how PMAP routes breaches.

By PMAP Security Team Read post
Vulnerability Management January 22, 2026

Vulnerability Intelligence and Enrichment That Actually Helps Triage

Auto-link findings to CVE, CWE, CVSS and MITRE ATT&CK with Smart Match and a reusable template library. See how PMAP speeds triage.

By PMAP Security Team Read post
Vulnerability Management January 21, 2026

Real-Time Security Operations: Notifications, Push and Calendar

Deliver real-time alerts across in-app, email, Slack, Teams and webhooks with SSE push and a unified calendar. See PMAP real-time ops.

By PMAP Security Team Read post
Vulnerability Management January 19, 2026

Automating Vulnerability Operations with Rules and Runbooks

Automate triage with a finding rule engine and event-driven runbooks across 16 triggers and 22 actions. See how PMAP automates VM ops.

By PMAP Security Team Read post
Vulnerability Management January 18, 2026

Compliance, SLA and Audit Evidence in Vulnerability Programs

Produce audit-ready evidence with dual audit trails, SLA tracking and four-eyes approvals. See how PMAP supports SOC 2 and ISO 27001.

By PMAP Security Team Read post
Vulnerability Management January 16, 2026

Inside a Vulnerability Management Platform: Architecture and Foundation

Look inside a VM platform: 48 domains, ~500 REST endpoints, a modular monolith and multi-tenant core. See how PMAP is built to scale.

By PMAP Security Team Read post
Vulnerability Management January 14, 2026

Multi-Tenant Vulnerability Management for Holdings and MSSPs

Run many subsidiaries or clients from one console with tenant hierarchy, scoped RBAC and MFA. See how PMAP delivers multi-tenant VM.

By PMAP Security Team Read post