Decision rule: urgency is not one score. Combine exploitation, exposure, affected version, patch availability, business impact, source confidence, and operational risk before assigning work.
Decision Matrix
Turn vulnerability signals into the right defender action.
Use this page when a CVE or advisory has several signals and you need to choose patch, mitigate, detect, monitor, validate, or escalate without overreacting.
Action Lanes
Choose the lane that best matches the evidence
Signal Combinations
Common patterns and the safer default action
Copy Blocks
Plain-language snippets for tickets and handoffs
Recommended use: open this page from a detail record, pick the lane, gather evidence, then use Playbooks or the relevant tool to prepare the actual handoff.