PMAP for the Platform Administrator
Configure SMTP, LDAP, MFA, branding, health and licensing from one control plane. See how PMAP serves the platform administrator.
PMAP field notes
Field notes on running vulnerability management
Practical writeups on scan orchestration, finding correlation and remediation lifecycle, published by the practitioners who run vulnerability management on the platform, not by a marketing desk.
- Practitioner-authored
- Multi-vendor grounded
- Triage to closure
Category: Vulnerability Management
-
-
The Stages of the Vulnerability Lifecycle Explained
From discovery to closed and verified, learn every stage of the vulnerability lifecycle and what happens in each. A clear, practical explainer.
-
Security Report Formats: PDF, DOCX and HTML
Each report format has a job: PDF for delivery, DOCX for editing, HTML for the web. Learn which security report format fits which audience.
-
Scan Coverage and the Wave Matrix, Explained
Scan coverage shows what your scanners actually reached. Learn what scan coverage is, what the wave matrix tracks, and why gaps matter.
-
Remediation Campaigns vs Tickets: The Difference
A ticket tracks one fix; a campaign tracks a program of fixes. Learn how remediation campaigns and tickets differ and when to use each.
-
Multi-Tenancy in Security Platforms, Explained
Multi-tenancy lets one platform serve many isolated tenants. Learn what a tenant is, multi-tenant vs single-tenant, and how isolation works.
-
RBAC Explained for Security Platforms
RBAC grants access by role, not by user. Learn what role-based access control is, how the permission matrix works, and RBAC vs ABAC.
-
The Four-Eyes Principle in Security, Explained
The four-eyes principle means two people must approve a sensitive change. Learn what it is, how it relates to dual control, and where it applies.
-
What Is an SBOM and Why It Matters
An SBOM lists every component in your software. Learn what an SBOM is, CycloneDX vs SPDX, and why it matters for vulnerability management.
