Saved Workspace Tutorial

Use Saved as a local triage queue, not just a bookmark drawer.

Use this tutorial when you want saved CVEs, advisories, notes, saved searches, compare queues, and exports to support repeatable vulnerability follow-up.

Start tutorial Open Saved Action Tracker

Workspace rule: Saved is local to this browser. It can help you organize work, but it is not a shared ticketing system, formal risk register, evidence vault, or proof of remediation unless you export and attach the right evidence somewhere durable.

Saveonly what needs return

Keep records that need validation, owner action, review, comparison, or reporting.

Notewrite the next question

Capture owner, evidence gap, action lane, due date, caveat, and review trigger.

Statemark where it stands

Investigating, patching, mitigated, accepted risk, or no state for unsorted items.

Exportmove durable work out

Use Markdown, CSV, JSON, or workspace export when the queue needs sharing or backup.

Saved Workflow

A practical loop for local follow-up.

1FindUse Search, queues, or detail pages to identify records worth revisiting. 2SaveAdd only items that need validation, owner action, comparison, or reporting. 3TrackSet state, owner, deadline or review date, evidence gap, and next action. 4ShareCopy a queue brief or export data before sending updates or handoffs.

What To Save

Save records that need a future decision.

Save for validation

Use when affected version, feature state, exposure, source confidence, backport status, or product ownership is still unclear.

State: Investigating.

Save for action

Use when a patch owner, SOC owner, vendor manager, or risk owner needs to do something next.

State: Patching or investigating.

Save for comparison

Use when several records compete for the same patch window, leadership attention, or SOC review capacity.

Next: Compare or the Compare Workflow Tutorial.

Save for closure proof

Use when the item is almost done but needs version proof, retest evidence, owner signoff, or exception approval.

State: Mitigated or accepted risk only when evidence exists.

Save for repeat search

Use saved searches for recurring slices such as KEV, no patch, high EPSS, a vendor family, or internet-facing pressure.

Next: Saved Searches.

Do not save everything

If the queue becomes a dump, it stops helping. Remove items that are no longer relevant or have durable closure elsewhere.

Habit: prune during weekly review.

Notes And States

Make each saved item understandable tomorrow.

Investigating

Use for open questions

Write the missing proof: affected version, owner, exposure, source confidence, fixed target, telemetry, vendor answer, or deadline.

Patching

Use when work is assigned

Write the owner, target version, change window, rollback caveat, expected proof, and what happens if the change slips.

Mitigated

Use when control is applied

Write what control reduced risk, how it was verified, when it expires, and whether patching still needs follow-up.

Accepted risk

Use only with approval

Write the approver, reason, expiration, temporary controls, review cadence, and where the formal acceptance record lives.

Workspace Export

Use exports when work must leave the browser.

Queue brief

Use for quick standups. It summarizes visible items and state counts, but it still needs owner context before forwarding.

Markdown export

Use for meeting notes, handoffs, and review packets when humans need readable context.

CSV or JSON export

Use for spreadsheet review, offline filtering, or moving a queue slice into another workflow.

Workspace export

Use for backup or transfer. Review notes first because saved notes may contain internal owner names, systems, or sensitive assumptions.

Copy Template

Saved item note

Saved item note - [CVE/advisory]
Why saved: [validation / patch / mitigation / SOC check / exception / reporting]
Current state: [investigating / patching / mitigated / accepted risk / unsorted]
Owner: [team/person/system owner]
Evidence reviewed: [source, advisory, scanner, asset inventory, owner reply, logs]
Evidence missing: [affected version, exposure, fixed version, retest, approval, telemetry]
Next action: [question, patch, mitigation, vendor case, SOC check, compare, brief]
Due or review date: [date]
Safe caveat: [what this saved item does not prove yet]
Closure proof needed: [version proof, control proof, not-affected proof, exception, owner signoff]

Recommended habit: save less, write better notes, set states honestly, export before sharing, and prune the queue during weekly review.

Open Saved Search Workflows Compare Compare Tutorial Brief Builder Tutorial Action Tracker Weekly Review