A particularly effective way of configuring the CLI is to auto-remediate everything.

Instead of manually editing your package.json's and requirements.txt files every time a new vulnerability comes out, you can configure the CLI to automatically remediate everything (that has a sealed version). This configuration allows developers to focus on building, while freeing security professionals from having to prioritize and engage about every single vulnerability.

To use Automatic Remediation, just integrate the CLI as a step in every CI pipeline, as explained here. That's it! By default, the CLI will now replace every vulnerable package with its sealed version.