Mitigation guidance
When Guard identifies a supply-chain risk, it provides mitigation guidance to help you resolve the issue quickly. This guide explains how to read and act on mitigation recommendations.
How mitigation guidance works
Each advisory or warning in Guard includes a Mitigation section with actionable steps. The guidance is tailored to the specific risk type:
| Risk type | Typical mitigation |
|---|---|
| Known vulnerability | Upgrade to a patched version or apply a workaround |
| Suspicious publisher | Verify publisher identity and consider blocklisting |
| Policy violation | Review the policy rule and adjust or add an exception |
| Revoked tool | Remove the tool from your environment immediately |
| Unverified provenance | Require provenance attestation before allowing the tool |
Acting on guidance
- Open the investigation in Guard alerts.
- Review the Mitigation section for the specific alert.
- Follow the recommended steps in order.
- Mark the investigation as resolved once the mitigation is applied.
Exceptions
If a mitigation step is not applicable to your environment, you can file an exception. Exceptions are time-limited and auditable.
- Open the investigation.
- Select File exception.
- Provide a reason and select an expiration date.
- Submit for review by a workspace admin.