Product Update - 10/20/2025

We’ve reimagined Heeler’s data model to connect code and runtime remediation into a single, unified experience—introducing new views that simplify visibility and accelerate response.

Global Dashboard

The new Global Dashboard provides a unified view of your organization’s application risk. It highlights key metrics and six-month trends, with flexible filters for Applications, Services, Repositories, and Leadership responsibilities.

Use it to assess how effectively your teams are managing vulnerabilities, enforcing guardrails, and reducing risk over time.

Included in this release:

  • Mean Time to Fix (MTTR) by Severity: Track average remediation times by severity level and compare them against your service-level objectives (SLOs).

  • Total Findings by Severity: View organization-wide trends of all findings over the past six months.

  • Total Findings Fixed by Severity: Compare fixed findings against total findings to visualize fix rates and progress over time.

  • Introduced Findings: Measure vulnerabilities that existed when dependencies were added—indicating risks introduced through development choices or insufficient CI guardrails.

  • Surfaced Findings: Identify vulnerabilities that appeared after dependencies were added—highlighting risks that emerged externally and were outside of direct developer control.

  • Guardrail Violations: Track how often guardrails are being violated and measure adherence across teams and services.

  • Findings Prevented by Guardrails: Quantify the number of vulnerabilities proactively blocked by your guardrails before they entered production.

  • Most Vulnerable Packages: Identify packages with the highest historical vulnerability rates over the past 12 months to guide dependency management strategies.

  • Most Frequently Updated Packages: Discover which packages are most actively updated across your organization, helping to assess maintenance practices and upgrade velocity.

Security Overview

The new Security Overview offers a focused, near real-time snapshot of your organization’s security posture. It highlights trends from the past four weeks and upcoming remediation deadlines in the next four weeks, helping you stay ahead of risk.

From this overview, you can drill down directly into filtered views of specific remediations or findings for deeper investigation and action.

Included in this release:

  • New Findings: Track newly introduced or newly surfaced vulnerabilities detected within the past four weeks.

  • Due Findings: Identify findings approaching their SLO deadlines in the next four weeks, helping teams prioritize remediation efforts.

  • Fixed Findings: Review vulnerabilities resolved in the past four weeks, categorized by priority or exploitability.

  • Mean Time to Fix (MTTR): Monitor average remediation times by Heeler risk priority and evaluate progress toward your SLO targets.

  • SLO Adherence: Measure how well remediations are aligning with established SLOs, distinguishing those completed within vs. beyond their defined timelines.

  • New Findings Trend: Visualize weekly trends in new vulnerabilities over the last four weeks, segmented by Heeler risk priority.

  • Fixed Findings Trend: Track weekly remediation progress over the last four weeks, segmented by Heeler risk priority, to gauge momentum and team performance.

  • Guardrail Violations: Analyze recent activity to understand where guardrails were bypassed and identify teams or workflows that may need reinforcement.

  • Findings Prevented by Guardrails: Quantify vulnerabilities proactively blocked by your guardrails before they reached production—showing the impact of preventive security controls.

Security Workbench

The Security Workbench helps teams focus remediation efforts where they matter most. It organizes vulnerabilities by fixability and impact, making it easy to identify high-value actions that drive meaningful security and SLO improvements.

Included in this release:

  • Auto-Fixable: View all remediations that Heeler’s agentic remediation can automatically resolve through validated, non-breaking pull requests.

    If agentic remediation is not yet enabled for your tenant, please contact us to activate it.

  • Auto-Fix Impact: Assess the potential impact of auto-fixable remediations—see how many vulnerabilities can be eliminated and how much SLO time can be reclaimed through automated fixes.

  • Most Impactful Remediations: Identify package upgrades that deliver the greatest organization-wide security impact based on Heeler’s fixability analysis:

    • Easy and Medium recommendations: quickly create remediation tickets for upgrades that can be safely automated or completed with minimal effort.

    • Hard recommendations: prioritize upgrades requiring first-party code changes—ensuring development effort is focused on high-impact fixes that significantly reduce risk.

  • Newly Identified Remediations: View recently discovered remediations that have not yet been triaged or ticketed.

  • Newly Ticketed Remediations: Track new remediation tickets that are pending assignment or not yet in progress.

  • New Remediations by Fixability: Break down newly identified remediations by their fixability category, helping teams prioritize quick wins and longer-term efforts.

  • Due Remediations: Monitor upcoming remediations due in the next four weeks, categorized by their SLO timeframe, to stay ahead of deadlines.

  • Introduced Findings on New Packages: Identify vulnerabilities that existed in dependencies at the time they were added, helping assess risks introduced through development or CI guardrail gaps.

  • Surfaced Findings on New Packages: Detect vulnerabilities that emerged after dependencies were introduced, highlighting external risks beyond direct developer control.

Global Dependency Findings

The Global Dependency Findings view provides a unified look at vulnerabilities across your entire organization—spanning both code and services. It helps you understand the full scope and impact of findings, with powerful filters like fixability and risk that make it easy to prioritize vulnerabilities by both impact and effort.

You can also quickly pivot across:

  • Active Findings – Vulnerabilities currently present in the environment that have not yet been fixed in code.

  • Fixed Findings – Vulnerabilities that remain in the environment but have been addressed in code.

  • Deployed Findings – Vulnerabilities that have been fully remediated across all active deployments.

Global Dependency Remediations

The Global Dependency Remediations view now supports Heeler Risk Priority across all remediation types—spanning code and runtime vulnerabilities.

This update also introduces new filters and table columns, enabling you to quickly segment and analyze remediations by organizational, security, or lifecycle context for deeper, more actionable insights.
