How to Use One-Click Remediation
Prerequisites
A security finding or vulnerability that needs remediation
Access to ZIN Copilot
Appropriate access to the target systems (for executing commands)
How One-Click Remediation Works
ZIN identifies a security issue (from integrations, scans, or manual input).
ZIN analyzes the issue context — what system, what technology, what configuration.
ZIN generates the specific remediation command(s) tailored to your environment.
You review and execute the command.
Using One-Click Remediation
Navigation: Sidebar → ZIN Copilot (or from any Finding/Insight detail)
Step 1: Identify the Issue
Navigate to a vulnerability finding, proactive insight, or risk item.
Alternatively, ask ZIN directly: "How do I fix [specific issue]?"
Step 2: Request Remediation
Click the Remediate button (if available on the finding), or
Ask ZIN: "Generate remediation commands for this vulnerability"
ZIN generates one or more remediation options.
Step 3: Review the Generated Command
ZIN provides commands in formats relevant to your environment:
| Format | Use Case |
|---|
| CLI Commands | Direct terminal commands (AWS CLI, Azure CLI, kubectl, etc.) |
| Terraform | Infrastructure-as-code changes for cloud resources |
| Configuration | Config file changes (nginx, Apache, security groups) |
| Scripts | Multi-step remediation scripts |
Example output:
# Fix: Disable public access on S3 bucket
aws s3api put-public-access-block \
--bucket your-bucket-name \
--public-access-block-configuration \
BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
Step 4: Execute
Review the command carefully to understand what it will do.
Execute in your target environment (terminal, CI/CD pipeline, or Terraform).
Verify the fix was applied successfully.
> Warning: Always review generated commands before executing. While ZIN generates accurate commands, it is your responsibility to verify they are appropriate for your specific environment and will not cause unintended side effects.
Safety Best Practices
| Practice | Why |
|---|
| Always review before executing | Commands may affect production systems |
| Test in staging first | Validate the fix in a non-production environment |
| Check for dependencies | Some fixes may require service restarts or downstream changes |
| Document what you did | Keep an audit trail of remediation actions |
| Verify after execution | Confirm the vulnerability is actually resolved |
Troubleshooting
| Issue | Solution |
|---|
| ZIN says "Cannot generate remediation" | The issue may not have a standard automated fix. Manual investigation required. |
| Generated command doesn't work | Verify your access permissions to the target system. Check that the environment matches what ZIN assumed. |
| Command seems incorrect for my environment | Provide more context to ZIN: "Generate remediation for [issue] on [specific system/version]". |
| One-click option not available | This feature is available for common vulnerability types. Complex or novel issues may require manual remediation. |
Related Articles
How to Use the ZIN AI Copilot
Prerequisites Access to the ZIN Copilot section At least one integration connected (for data-driven responses) Accessing the ZIN Copilot Navigation: Sidebar → ZIN Copilot Click ZIN Copilot in the sidebar. The chat interface opens with a message input ...
How to Use the Endpoint Comparison Matrix
The Endpoint Comparison Matrix shows which of your connected security tools "see" each asset — so you can spot coverage gaps (for example, a device known to Active Directory but missing from your EDR). It lives inside Asset Inventory. What you'll ...
Interno: Frequently Asked Questions (FAQ)
Answers to the questions we hear most often about Interno, Zeron's AI-powered security command center. Getting Started What is Interno? The Zeron Command Center — it unifies your security posture across connected tools, with an AI copilot, asset ...
Troubleshooting Common Issues in Interno
This guide covers common issues in Interno (the Zeron Command Center) and how to resolve them. Login & Permissions Many "I can't see/do X" issues are missing permission scopes (Interno scopes use the defence: prefix). A user without the required ...
How to Use the Query Library
Prerequisites Access to the Query Library section At least one integration connected Accessing the Query Library Navigation: Sidebar → Query Library Click Query Library in the sidebar. The page opens with three tabs. Widgets Tab Manage saved ...