PMAP field notes

Field notes on running vulnerability management

Practical writeups on scan orchestration, finding correlation and remediation lifecycle, published by the practitioners who run vulnerability management on the platform, not by a marketing desk.

Practitioner-authored
Multi-vendor grounded
Triage to closure

Vulnerability Management March 10, 2026

Finding Triage Done Right: From New to Closed

Build a triage workflow that scales: dedup at intake, a governed status state machine, severity control and assignment. See how PMAP triages findings.

By PMAP Security Team Read post
Vulnerability Management March 9, 2026

Bulk Finding Operations Without Losing Control

Clear a scanner backlog fast without breaking governance. Bulk status, assign, template-link and re-match with per-item results. See how PMAP does it.

By PMAP Security Team Read post
Vulnerability Management March 7, 2026

Scan Lifecycle Management Across Manual and Automated Sources

Run, monitor, control and delete scans from one console across every connected scanner, with vendor-neutral status and orphan adoption. See PMAP.

By PMAP Security Team Read post
Vulnerability Management March 6, 2026

Scheduling Scans and Keeping Them in Live Sync

Automate recurring scans and keep PMAP a faithful mirror of every scanner with cron schedules, a live status ticker and orphan adoption. See how.

By PMAP Security Team Read post
Vulnerability Management March 4, 2026

Managing Security Connectors and Credentials Safely

Connect 30 vendor types across 9 categories with AES-encrypted credentials, inline connection tests and archetype-aware controls. See how PMAP manages it.

By PMAP Security Team Read post
Vulnerability Management March 2, 2026

ITSM Ticketing: Bidirectional Sync With Jira and ServiceNow

Push findings to Jira, ServiceNow or ManageEngine and keep status in two-way sync via webhooks and polling. See how PMAP closes the remediation loop.

By PMAP Security Team Read post
Vulnerability Management March 1, 2026

Pipeline-Triggered Scans With CI/CD and Webhooks

Wire GitHub, GitLab and more to PMAP with HMAC-verified webhooks, auto-scan fan-out and PR security gates. Shift findings left. See how PMAP does it.

By PMAP Security Team Read post
Vulnerability Management February 27, 2026

Building a Trustworthy Asset Inventory From Many Sources

Merge manual, scanner and Nmap sources into one deduplicated asset inventory with owners and risk scores. See how PMAP keeps it trustworthy.

By PMAP Security Team Read post
Vulnerability Management February 26, 2026

Scan Coverage and the Wave Matrix: Knowing What You Missed

See which scanners actually cover each asset and track findings across scan waves with the wave matrix. See how PMAP exposes coverage gaps.

By PMAP Security Team Read post