Remediation Process

Remediation in the context of Gomboc involves identifying security issues within your infrastructure as code (IaC) configurations and applying the necessary changes to resolve these issues. This process ensures that your codebase remains compliant with security policies and reduces potential risks.

Steps in the Remediation Process

Identification of Issues

  • Gomboc scans your code repositories to discover security issues. These issues can include misconfigurations, vulnerabilities, and non-compliance with established security policies.

  • The scanning process involves analyzing the IaC code to detect any deviations from the security standards set by your organization.

Generating Remediation Recommendations

  • Once issues are identified, Gomboc generates recommendations for remediation. These recommendations are based on best practices and predefined security policies.

  • The recommendations may include specific code changes or configuration adjustments to address the identified issues.

Applying Remediation

  • Remediations can be applied automatically or manually, depending on your organization's preferences.

  • Automatic remediation involves Gomboc making the necessary changes directly in the codebase, while manual remediation allows developers to review and apply changes through pull requests.

  • For manual remediation, Gomboc helps create and manage pull requests, detailing the recommended changes and ensuring they are applied correctly.
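
The three steps above, sketched as an added Python example; it is not Gomboc's code or API. The Terraform snippet, the POLICY table and the function names are constructed for illustration, and the line-based matching only handles simple `name = value` attributes.

```python
import difflib
import re

# Constructed Terraform input (not taken from the Gomboc documentation).
SAMPLE_TF = """\
resource "aws_s3_bucket_public_access_block" "logs" {
  bucket                  = aws_s3_bucket.logs.id
  block_public_acls       = false
  block_public_policy     = true
  restrict_public_buckets = false
}
"""

# Hypothetical organization policy: attribute -> required value.
POLICY = {
    "block_public_acls": "true",
    "block_public_policy": "true",
    "restrict_public_buckets": "true",
}

ASSIGN = re.compile(r"^(\s*)(\w+)(\s*=\s*)(\S+)\s*$")

def identify(source):
    """Step 1: return (line_no, attribute, found, required) for each deviation."""
    findings = []
    for no, line in enumerate(source.splitlines(), start=1):
        m = ASSIGN.match(line)
        if m and m.group(2) in POLICY and m.group(4) != POLICY[m.group(2)]:
            findings.append((no, m.group(2), m.group(4), POLICY[m.group(2)]))
    return findings

def recommend(source, findings):
    """Step 2: rewrite only the flagged lines, keeping indentation and alignment."""
    lines = source.splitlines(keepends=True)
    for no, _attr, _found, required in findings:
        m = ASSIGN.match(lines[no - 1].rstrip("\n"))
        lines[no - 1] = f"{m.group(1)}{m.group(2)}{m.group(3)}{required}\n"
    return "".join(lines)

def as_patch(source, fixed, path="main.tf"):
    """Step 3 (manual route): the unified diff a reviewer would see in a pull request."""
    return "".join(difflib.unified_diff(
        source.splitlines(keepends=True), fixed.splitlines(keepends=True),
        fromfile=f"a/{path}", tofile=f"b/{path}"))

if __name__ == "__main__":
    found = identify(SAMPLE_TF)
    print(as_patch(SAMPLE_TF, recommend(SAMPLE_TF, found)))
```

Re-running `identify` on the output of `recommend` is a cheap check that a proposed change actually clears every finding before it is merged, whether it was applied automatically or through review.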
