Remediate your issues with Workouts
      Back to home
      1. Knowledge Base
      2. Reports & Remediation
      3. Remediate your issues with Workouts

      Cyber Fitness Workouts: your path to effective vulnerability remediation

      Workouts are ranked by impact, guiding you to the most effective next step in strengthening your security posture.

      Autobahn’s Cyber Fitness Workouts are practical, step-by-step remediation guides designed to help you quickly and easily fix vulnerabilities - even without deep security expertise. By grouping vulnerabilities by their root cause, Autobahn enables you to resolve multiple issues with a single, impactful action. 

      Table of contents

      1. Workouts overview 
      2. Workout details
      3. Assets and issues in the Workout context
      4. Remediating affected assets

      1. Workouts overview

      The top recommended Workouts are featured on the Dashboard, giving you quick access to the most impactful remediation actions. You can also explore all available Workouts in a dedicated section of the application, which is divided into two parts:

      • To-do Workouts - these include open issues and the affected assets that still require attention.
      • Completed Workouts – these include all issues that have been resolved and assets that have been successfully remediated.

      Workouts_OverviewWorkouts should always be assigned to ensure accountability and progress tracking. You can assign a Workout by assigning a scan, asset, or issue to a team member. Issue assignment is a prerequisite for the Workout to be assigned.

      Assignment follows an automated inheritance hierarchy: Scan => Asset => Issue => Workout

      We recommend starting with assigning either scans or assets to establish clear ownership and streamline the remediation process.

        The Workouts list also shows your progress for each workout. As you remediate issues, the numbers get updated: every time you fix an asset, the count in the Affected assets column decreases, while the number of Closed issues increases (the amount depends on how many issues got fixed on a given asset). This improves the closed-to-total issue ratio, bringing it closer to 1 - your ultimate goal, where all issues are resolved. 

        To maximize impact, we recommend starting from the top of the list.

        To view the remediation steps, click on the Workout's name and access the Workout detail view.

         

        2. Workout details

        The Workout details view includes:

        • A table of contents for quick navigation
        • Step-by-step remediation instructions to guide you through resolving the issues
        • A list of affected assets that need to be fixed 

        This view helps you understand the scope of the workout and take action efficiently.

        Workout_Details

        Some workouts include links to Related workouts.

        These related workouts do not lower your organization’s Hackability Score, but they serve as additional resources that are relevant to the topic of the assigned workout. They can help deepen your understanding or provide further remediation options.

        From this view, you can download the Workout as a PDF, along with a spreadsheet listing the affected assets and issues the Workout addresses. This is especially useful if you need to share the information with team members who don’t use Autobahn. 

        If your organization has integrated a ticketing system, you can also send workouts directly to platforms such as Jira, ServiceNow, or Serviceware, or forward them to an email address as a standard message. Simply use the Send to button located in the top right corner of this view. 

        We also welcome your feedback. If you have suggestions for improving our workouts, please don’t hesitate to contact us by using the Feedback button - we’d love to hear your ideas. 

         

        3. Asset and issues in the Workout context

        By expanding the Assets column in the Workout details view, you’ll find filterable details of each asset that requires remediation by a given Workout, such as: tags, maximum issue severity or the date the issue was last detected.

        Asset_Expanded

        This view uses infinite scrolling, so be sure to scroll down to load and view additional entries.

        For a deeper dive, click the number in the Open Issues column.

        This will take you to a detailed view listing all issues on that asset that are targeted by the current workout, including port, service information as well as the script output (where available) located in the last column on the right. You can also access the Issue details view by clicking on the issue name.

        While these insights are valuable for understanding the context, don't forget that your primary goal is to follow the workout’s remediation steps and fix the issues on the affected assets to contribute to lowering the Hackability Score of your organization. 

        4. Remediating affected assets 

        Once you've fixed the issues on an affected assets by following the Workout's remediation steps, you can mark your progress by:

        • Marking the entire asset as Remediated.
          This will automatically mark all issues on that asset covered by the workout as Remediated.
          If you want to close an entire Workout along with all associated issues, use the Mark everything as… button located in the top-right corner of the Workout details view. This action applies the selected status to all issues within the Workout, so please use it carefully. 

        • Providing a re-scan or a data fetch for integrated sources.
          If the asset and relevant ports are still reachable and the issues are no longer detected, Autobahn will automatically mark them as Remediated.
          This approach is recommended when working with a group of assets, as it aligns with how scans are typically configured in Autobahn.

        It's also technically possible to manually close issues one by one on the Issues page. However, this approach is more time-consuming and requires extensive filtering. We recommend using the workout view, where all relevant issues are already pre-filtered for you.

        If an issue is a false positive or if your organization has decided to accept the risk, you can update the status accordingly. 

        If your organization has the Issue Review feature enabled, you’ll be prompted to select a reviewer to approve the status change (read more about this feature here).

        All closed issues - whether marked as Remediated, False Positive, or Risk Accepted - contribute to lowering your organization’s Hackability Score.