What is remediation?

Remediation is the process of fixing or reducing a security weakness after it has been identified.

Simple example

After a test finds weak access control, the development team changes the application and the issue is retested.

Why it matters

Remediation is what turns security findings into real risk reduction: until a finding is fixed, mitigated, or formally accepted, it remains an open exposure rather than a closed issue.

Common warning signs

  • The activity is unexpected or unusual for the business context.
  • The request or system behaviour creates pressure to act quickly.
  • Normal approval, verification, or security processes are bypassed.
  • There are signs of unauthorised access, data exposure, or system change.
  • Staff are unsure whether the request, message, or system behaviour is legitimate.

Cyber Doc view

Remediation should be understood in its business context, not only as a technical task. Good protection usually combines clear processes, appropriate technical controls, staff awareness, and a calm response plan.

What to do

Proactive steps

  • Assign owners and due dates for findings.
  • Prioritise high-risk and exposed issues.
  • Document accepted risks and compensating controls.
  • Retest important fixes.
  • Track recurring issues.

Reactive steps

  • Apply temporary controls if a weakness is actively exploited.
  • Fix the root cause where possible.
  • Validate that the fix worked.
  • Review whether the issue affected data or systems.
  • Update standards to prevent recurrence.

Related terms

  • Penetration testing
  • Vulnerability assessment
  • Risk