Service Level Agreements (SLAs) are formal contracts or agreements that define the expected level of service between service providers and clients or between internal teams. Cortex Cloud supports the configuration of issue resolution SLAs, which are time-based goals for the resolution of issues and timers to track how long it actually takes to resolve issues.
Why use SLAs for issue resolution?
SLAs provide analyst teams with a defined structure to guide the prioritization of issue remediation efforts and to track those efforts. Key drivers for using SLAs include:
Meet compliance requirements: Regulatory frameworks, such as PCI or HIPAA, mandate timely issue resolution. For example, PCI may require critical issues be fixed within a month, while HIPAA sets a 15-day limit for critical findings.
Manage risk for critical assets: Organizations set SLAs based on the sensitivity and criticality of assets. For example, a hospital would prioritize fixing issues impacting patient medical records or payment systems over non-essential displays.
Report and measure remediation efforts: SLAs allow leadership to track the effectiveness of security programs and report progress toward the goal of zero SLA violations.
Create an SLA rule for issue resolution
Define an SLA for issue resolution by creating an SLA rule.
Configuring an SLA for issue resolution requires creating an SLA rule that defines the time-based SLA goal and the set of issues that the goal will apply to. When you create a new SLA rule, that SLA will be applied to all matching existing issues and new issues moving forward.
Select → → → .
Select the SLA Rules tab.
Select Create SLA Rule.
Provide the following information, and then click Next.
SLA Rule Name
Description (optional)
SLA Goal: Define the SLA goal, which is the maximum time allowed to resolve issues. SLAs must be greater than 30 minutes.
Define criteria to identify the issues that the SLA will apply to.
Select the filter icon to define which issues this SLA rule applies to.
If no criteria are defined, the rule will apply to all issues.
Review the list of issues that match your filtering criteria. If the list is correct, select Next.
On the Summary page, review the information about the new SLA rule. If it is correct, click Done.
The new SLA rule will appear in the table on the SLA Rules tab.
Set the order of evaluation for the new SLA rule. The first SLA rule that matches an issue will be the SLA used for that issue.
By default, new SLA rules are added to the bottom of the list. To move a rule up or down in the list, click and hold the arrows in the Name column and drag the rule to the desired position in the list.
Reorder issue resolution SLA rules
The order of SLA rules in the SLA Rules table is important. SLA rules operate on a stop-on-first-match basis. In other words, the first SLA rule that matches an issue will be the SLA used for that issue. When you reorder rules, existing issues that match a new higher-priority rule will be updated to use the new SLA.
Navigate to → → → and select the SLA Rules tab.
Change the order of the SLA rules by dragging the table rows into place. To drag a table row, click and hold an arrow in the Name column and drag the row to the desired position in the table.
Monitor the status of issue resolution SLAs
Filter and sort issues on SLA-related fields to monitor SLA status.
Cortex Cloud includes the following resolution SLA fields on the Issues page, so you can filter and sort issues based on these values:
Resolution SLA: Indicates the amount of time left to meet the SLA deadline. Also indicates the amount of time past the SLA deadline for issues that are overdue.
Resolution Timer: Indicates how long it took to resolve the issue. The timer starts when the issue status is New, and stops when the issue status is changed to Resolved.
Navigate to → .
Filter on Resolution SLA > 0 or Resolution Timer > 0 to find issues that are within the SLA.
Note
These filters support filtering of whole days only. For example, Resolution SLA > 1 filters for issues that have a Resolution SLA of greater than one day.
Filter on Resolution SLA < 0 or Resolution Timer < 0 to find issues that have exceeded the SLA.
You can also view the issue resolution SLA widgets on the Vulnerability Management dashboard.
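The following is an added example, not Cortex Cloud code or its API: a small Python model of the rule semantics this page describes (stop-on-first-match ordering, a rule with no criteria matching all issues, the goal minimum, and Resolution SLA going negative when overdue). The issue fields `severity` and `created`, the rule names, and the sample data are assumptions constructed for illustration; `created` stands in for the moment the issue entered the New status.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Callable, Optional

MIN_GOAL = timedelta(minutes=30)  # page: SLA goal must be greater than 30 minutes

@dataclass
class SlaRule:
    name: str
    goal: timedelta
    criteria: Optional[Callable[[dict], bool]] = None  # None: rule applies to all issues

    def __post_init__(self):
        if self.goal <= MIN_GOAL:
            raise ValueError(f"{self.name}: SLA goal must be greater than 30 minutes")

    def matches(self, issue: dict) -> bool:
        return self.criteria is None or self.criteria(issue)

def first_match(rules, issue):
    """Stop-on-first-match: the earliest rule in the list that matches wins."""
    return next((r for r in rules if r.matches(issue)), None)

def resolution_sla(rules, issue, now):
    """Time left until the deadline; negative when overdue. None if no rule matches."""
    rule = first_match(rules, issue)
    return None if rule is None else issue["created"] + rule.goal - now

def overdue(rules, issues, now):
    """Names of issues past their SLA deadline under the given rule order."""
    result = []
    for issue in issues:
        left = resolution_sla(rules, issue, now)
        if left is not None and left < timedelta(0):
            result.append(issue["name"])
    return result

# Constructed sample data (hypothetical issues and rules)
NOW = datetime(2025, 1, 20, 12, 0)
ISSUES = [
    {"name": "critical-on-db", "severity": "critical", "created": NOW - timedelta(days=10)},
    {"name": "low-on-kiosk", "severity": "low", "created": NOW - timedelta(days=10)},
]
CATCH_ALL = SlaRule("default-30d", timedelta(days=30))  # no criteria
CRITICAL = SlaRule("critical-7d", timedelta(days=7), lambda i: i["severity"] == "critical")

APPENDED = [CATCH_ALL, CRITICAL]   # new rule left at the bottom: shadowed by the catch-all
REORDERED = [CRITICAL, CATCH_ALL]  # specific rule dragged above the catch-all
```

With the `APPENDED` order the critical issue is measured against the 30-day goal and appears within SLA; after reordering it is three days overdue, which is why a rule without criteria belongs at the bottom of the list.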