Automatic Remediation

Automatic Remediation is the Seal Platform's fully automated, hands-off deployment model. It provides the highest level of assurance that your dependencies are protected with minimal involvement from development or security teams.

How It Works

With this configuration, the Seal CLI is instructed to automatically replace every vulnerable package with its sealed version during the CI build process.

• No Manual Edits: The CLI handles all necessary dependency file modifications (e.g., package.json, requirements.txt).

• Continuous Protection: This process executes every time the CI pipeline runs, ensuring your build artifacts are patched against the latest known vulnerabilities immediately, without waiting for manual intervention.

Key Benefits

• Maximum Automation: Eliminates the need for security or development teams to prioritize, track, or manually apply individual vulnerability fixes.

• Developer Focus: Developers are free to focus on building and feature development, as the remediation process is seamless and non-disruptive.

• Immediate Time-to-Fix: Vulnerable packages are remediated the moment a sealed version is available, drastically reducing your exposure window.

Configuration

To enable Automatic Remediation, simply integrate the Seal CLI as a step in your CI pipeline as detailed in the CI Integration Guide. By default, the Seal CLI will perform this full auto-remediation.