# Remote Mode Rules are defined and stored on the Seal Server via the Seal UI. * **Pros:** No code changes or PRs required. Security organizations (Sealer or Admin permissions) can apply rules to multiple repositories instantly. Ideal for scaling remediation without engineering bottlenecks. * **Cons:** Changes are not tracked in the project's source control. The Seal Platform becomes the source of truth. ```bash seal fix --mode=remote ``` ### Handling Vulnerability Scanners Using sealed packages can sometimes confuse vulnerability scanners, as they may look at the package version number and assume it is still vulnerable. Choose the strategy that fits your auditing requirements: #### Strategy 1: API Integration (Recommended for Internal Scanners) Seal supports direct API integrations with a variety of major scanners (Snyk, BlackDuck, GitHub Advanced Security, Ox Security, etc.). * **How it works:** The Seal CLI communicates with your scanner's API to synchronize findings, marking specific vulnerabilities as "remediated" within the scanner's dashboard. * **Best for:** Internal scans and operational dashboards. #### Strategy 2: Package Renaming (Recommended for External/Audit Scanners) The CLI renames the package artifact during installation (e.g., `pcre` becomes `seal-pcre`). * **How it works:** Since the remediated version is effectively a fork, renaming it makes the change explicit. Scanners simply won't find the vulnerable package name in the manifest or binary. * **Best for:** External audits, customer-run scans, and scanners not supported by API integration. ```bash seal fix --mode=xxxx -- ``` #### Strategy 3: Manual Ignore Manually marking alerts as "False Positive" or "Ignored" in your scanner's UI. * **Best for:** Small teams or one-off exceptions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sealsecurity.io/cli-integration/remote-mode.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.