SLA Management - Security Response Time Tracking #20
Description
Overview
Implement SLA management to define, track, and report on security response time commitments based on vulnerability severity and asset criticality.
Features
- SLA Definitions: Define response time targets by severity
- SLA Tracking: Monitor vulnerabilities against SLA deadlines
- Breach Detection: Identify SLA violations
- SLA Reports: Generate compliance reports for stakeholders
Planned Tools (5)
| Tool | Description |
|---|---|
sla_define |
Define SLA policy with response times |
sla_list |
List all SLA policies |
sla_check_compliance |
Check current SLA compliance status |
sla_get_breaches |
Get list of SLA breaches |
sla_generate_report |
Generate SLA compliance report |
Technical Requirements
database_tables:
sla_policies:
- id: TEXT PRIMARY KEY
- name: TEXT
- description: TEXT
- rules_json: TEXT
- is_default: INTEGER
- created_at: TEXT
sla_tracking:
- id: TEXT PRIMARY KEY
- vuln_id: TEXT
- asset_id: TEXT
- severity: TEXT
- sla_policy_id: TEXT
- discovered_at: TEXT
- deadline_at: TEXT
- resolved_at: TEXT
- breached: INTEGER
- breach_hours: INTEGER
default_sla_rules:
critical:
response_hours: 4
resolution_hours: 24
high:
response_hours: 24
resolution_hours: 72
medium:
response_hours: 72
resolution_hours: 168 # 7 days
low:
response_hours: 168
resolution_hours: 720 # 30 days
report_metrics:
- total_tracked
- within_sla_count
- breached_count
- compliance_percentage
- average_resolution_time
- breaches_by_severityAcceptance Criteria
- SLA policies can be defined with custom rules
- Vulnerabilities automatically tracked against SLA
- Breaches detected and flagged in real-time
- Reports show compliance percentage and trends
- Support for multiple SLA policies (per asset/team)
- Integration with alert rules for breach notifications
- Audit logging for policy changes
Part of v1.28.0 Security Intelligence milestone.