Skip to main content
The Security module integrates directly with the Planner, allowing you to convert security findings into tracked work items. This helps you manage remediation efforts, assign priorities, and maintain visibility into security-related projects.

Overview

You can add three types of Cork security data to the Planner:

Compliance Events

Convert compliance findings into remediation tasks

Vulnerabilities

Create work items for vulnerability patching

Endpoints

Plan security work for specific devices

Adding Items to Planner

1

Navigate to Security

Go to the Security module by clicking Cork in the sidebar.
2

Select the Tab

Choose the appropriate tab:
  • Compliance for compliance events
  • Vulnerabilities for software vulnerabilities
  • Endpoints for device-related work
3

Select Items

Click the checkbox next to each item you want to add. You can select multiple items to create a single planner item that tracks all of them.
4

Click Add to Planner

Click the Bulk Actions dropdown in the header and select Add to Planner.
5

Review and Customize

The planner item dialog opens with pre-filled information:
  • Title - Auto-generated based on selected items
  • Description - Summary of what needs to be addressed
  • Business Value - Automatically set based on severity
  • Private Notes - Detailed information about each selected item
6

Save the Planner Item

Customize any fields as needed, then click Save to create the planner item.

What Gets Synced to Planner

When you add Cork items to the Planner, the following information is automatically included:

Compliance Events

FieldPlanner Mapping
Event TypeIncluded in title and private notes
Entity NameAdded to private notes
At Risk StatusSets business value to “High” if at risk
Resolved StatusNoted in private notes
Created DateAdded to private notes

Vulnerabilities

FieldPlanner Mapping
CVE IDUsed as title for single items
Software ProductIncluded in description and notes
Software VendorAdded to private notes
CVSS ScoreAdded to private notes
PriorityCritical/Accelerated sets “High” business value
Known ExploitedHighlighted in private notes

Endpoints

FieldPlanner Mapping
Device NameUsed as title for single items
HostnameAdded to private notes
Operating SystemIncluded in private notes
IP AddressesListed in private notes
Last Seen DateAdded to private notes

Automatic Business Value Assignment

The Planner automatically sets the Business Value based on the severity of selected items:
ConditionBusiness Value
Vulnerabilities with Critical or Accelerated priorityHigh
Compliance events marked as At RiskHigh
All other itemsMedium
You can always adjust the business value in the planner item dialog before saving.

Single vs. Multiple Items

Single Item Selection

When you select a single item, the planner entry is tailored to that specific finding:
  • Title: The specific CVE ID, event type, or device name
  • Description: Focused description of that single item
  • Notes: Detailed information about the specific item

Multiple Item Selection

When you select multiple items, they’re grouped into a single planner item:
  • Title: “Cork [Type] (N items)” format (e.g., “Cork Vulnerabilities (5 items)”)
  • Description: Summary stating how many items are included
  • Private Notes: Each item is listed separately with a divider
All selected items must be for the same company. If you need to create planner items for multiple companies, select items from one company at a time.

Viewing Linked Cork Items

After creating a planner item with Cork data, you can view the linked security items:
1

Open the Planner Item

Navigate to Planner and click on the item you created.
2

View Relationships

In the edit dialog, expand the Relationships section to see linked Cork items:
  • Cork Vulnerabilities - Linked CVEs
  • Cork Endpoints - Linked devices
  • Cork Compliance Events - Linked compliance findings

Best Practices

Consider grouping related items together:
  • Same software vulnerabilities - Group CVEs for the same software product
  • Same device issues - Group compliance events affecting the same endpoint
  • Same remediation action - Items that can be fixed with a single action

Using Private Notes

Private notes contain the technical details from Cork and are not visible to clients. Use the Public Notes field if you need to share information with stakeholders.

Prioritization

Focus on items that should be prioritized:
  1. Known Exploited Vulnerabilities - Active threats requiring immediate action
  2. Critical Priority - High CVSS scores or severe compliance gaps
  3. At Risk Compliance Events - Items flagged as requiring attention

Workflow Example

Here’s a typical workflow for managing security remediation:
1

Review Vulnerabilities

Go to Cork > Vulnerabilities and filter for Known Exploited or Critical priority.
2

Select and Plan

Select the high-priority vulnerabilities for a specific company and click Add to Planner.
3

Customize the Item

Set an appropriate due date, estimate hours for remediation, and add any additional context.
4

Track Progress

Use the Planner to track remediation progress, update status, and mark items complete when patched.
5

Report to Client

Include security metrics in client reports using the Report Builder’s security blocks.

Security Module

Overview of the Security module

Planner

Managing planner items

Cork Integration

Setting up Cork integration

Reporting

Creating client reports

Need Help?

For assistance with adding security items to the Planner, contact [email protected].