Senior Product Designer

Mondoo has launched its Agentic Managed Vulnerability Service, combining security experts with its AI platform to deliver a 60% reduction in vulnerabilities and sub-16-day mean time to remediation. The San Francisco-based company also introduced an Automated Remediation Setup Service that deploys approved fixes through existing customer tools. The service addresses persistent challenges in vulnerability management, where organisations struggle to move beyond scanning and reporting. Mondoo research shows 91% of organisations lack confidence in their remediation ability, whilst 62% still rely on manual processes. The managed service pairs security professionals with Mondoo's AI platform, which collects data across cloud, on-premises, endpoints and software development lifecycles. The platform integrates with existing vulnerability tools including Tenable, Rapid7 and Qualys, providing a unified view of risk.

Mondoo launches Agentic Managed Vulnerability Service to accelerate remediation and improve outcomes. By GlobeNewswire March 17, 2026 World-class security experts, powered by Mondoo's proven AI platform, now deliver a 60% reduction in vulnerabilities and sub-16-day MTTR, so overwhelmed security teams don't have to do it alone SAN FRANCISCO, March 17, 2026 (GLOBE NEWSWIRE) - Mondoo, the pioneer in agentic vulnerability management, today announced the Mondoo Agentic Managed Vulnerability Service, a new expert-led offering that moves organizations from endless scanning and reporting to actual vulnerability remediation. Mondoo also introduced the Automated Remediation Setup Service, an optional add-on that establishes automated remediation workflows so approved fixes deploy instantly through customers' existing tooling. Most vulnerability management programs are stuck in an endless cycle of scanning and reporting. Even after prioritization, there are so many critical issues that it's increasingly difficult to know which to address first. This leads to critical vulnerabilities going unpatched, leaving organizations exposed or noncompliant. According to Mondoo's State of Vulnerability Remediation research, 91% of organizations lack confidence in their remediation ability, and 62% still rely on manual processes, contributing to industry-wide alert fatigue and growing security backlogs. "Most security teams aren't short on vulnerability data; they're short on the capacity to act on it," said Soo Choi-Andrews, CEO and Co-founder, Mondoo. "We built the Agentic Managed Vulnerability Service because we believe the industry needs to shift focus from reporting to outcomes. Our customers shouldn't need to hire more people just to keep up with the influx of vulnerabilities. With our world-class experts and proven AI platform, we deliver the results, 60% fewer vulnerabilities, mean-time-to-remediation under 16 days, and 10x faster than doing it manually, so our customers can focus on strategic work instead of chasing alerts." World-Class Experts Backed by a Proven AI Platform The Mondoo Agentic Managed Vulnerability Service pairs high-caliber security and IT operations professionals with Mondoo's AI-native platform to deliver fully optimized vulnerability management programs. Mondoo experts integrate with customer teams, taking full ownership of vulnerability monitoring, prioritization, remediation guidance, and reporting. The service is built on Mondoo's unified platform, which collects high-quality, high-fidelity data across the entire IT infrastructure, including cloud, on-premises, endpoints, SaaS, network devices, and the SDLC. In addition to Mondoo's native detections, the platform manages data from existing vulnerability tools such as Tenable, Rapid7, and Qualys, and ingests signals from CrowdStrike, SentinelOne, and Microsoft Defender, giving security teams a single, comprehensive view of their risk landscape. How It Works * Onboarding & Customization: Mondoo experts deploy the platform using the customer's preferred model, initiate continuous asset discovery, integrate with existing ITSM tools, and align scope and priorities to business objectives and risk tolerance. * Issue Prioritization: Experts triage vulnerability and compliance alerts to identify real risk based on local context, using Mondoo data queries to validate whether vulnerabilities actually pose a threat in the customer's specific environment. Zero-days, actively exploited CVEs, and government-flagged critical issues (CISA, BSI) are triaged with extra urgency through enriched threat intelligence. * Fix Suggestions: Mondoo creates actionable tickets in the customer's ITSM system (Jira, ServiceNow, GitHub Issues) with affected assets, prioritization rationale, remediation guidance, automation code (Ansible, PowerShell, Intune), and ready-to-approve pull requests. When no direct fix exists, Mondoo provides tailored mitigation advice. * Apply Fixes: Customers Retain 100% Control: The customer's security team reviews and approves all suggested fixes before implementation by copying code snippets, approving pull requests in their Git-based VCS, or clicking approve on ITSM tickets. Nothing is remediated without the customer's authorization. * Verification: Mondoo rescans after fixes are implemented to confirm remediation. Verified issues close automatically; recurring issues reopen if drift is detected. * Tracking & Reporting: Mondoo delivers ongoing reporting on issues resolved, open tickets, MTTR trends, patch and EOL status, integration health, certificate expirations, asset coverage, and compliance - with weekly standups, monthly executive reports, and quarterly business reviews. Advertisement New: Automated Remediation Setup Service Mondoo also introduced the Automated Remediation Setup Service, an optional deployment and configuration engagement that establishes automated remediation workflows for organizations in need of additional support. Mondoo experts integrate the platform with customers' existing deployment tooling (Microsoft Intune, Ansible, Puppet, Chef, SCCM), ensuring that fixes are automatically executed and verified once an analyst approves the remediation ticket. For organizations without existing deployment automation, Mondoo experts set up Ansible as an open-source remediation engine at no additional licensing cost. The analyst-driven workflow keeps security teams in full control: Mondoo identifies the issue and creates an enriched ticket, the analyst reviews and approves it, the fix deploys automatically through existing tooling, and Mondoo verifies the result, eliminating manual remediation toil while maintaining complete visibility and approval authority. MSSP And Channel Ready Mondoo Agentic Managed Vulnerability Service can be resold by Mondoo channel partners and is also MSSP-ready. Managed security service providers can partner with Mondoo to build and deliver their own branded managed vulnerability offerings, extending integrated, pervasive security protection to their client base. Deutsche Telekom, co-owner of T-Mobile and one of the world's largest telecommunications providers, already leverages Mondoo to secure its hybrid infrastructure, demonstrating the platform's ability to operate at enterprise scale in complex, multi-tenant environments. "The speed and accuracy of Mondoo's platform, combined with its deep insights into IT architecture, enables customers to quickly remediate issues and significantly reduce CVEs and policy violations," said Thomas Tschersich, CEO of Telekom Security & CSO of Deutsche Telekom AG. By partnering with Mondoo, MSSPs can expand their service portfolios with a differentiated, outcomes-driven vulnerability management offering backed by Mondoo's proven AI platform and guaranteed remediation results - delivering measurable value to their clients without building the capability from scratch. The Mondoo Agentic Managed Vulnerability Service and the Automated Remediation Setup Service are now available. For more information, visit www.mondoo.com or find Mondoo at RSA Conference, Booth 4425 in the North Expo Hall. About Mondoo Mondoo's Agentic Managed Vulnerability Service, a combination of local expert security professionals and a proven AI-native platform, delivers the outcomes security professionals need, helping them transition out of the endless cycle of scanning and reporting and into actual remediation. Trusted by more than 300 customers worldwide, including Fortune 50 companies, Mondoo prioritizes risks by business impact and exploitability, collects structured, context-aware data from the entire IT infrastructure, and provides actionable remediation guidance, including automation code and ready-to-approve pull requests, that eliminates vulnerabilities rather than just categorizing them. Mondoo's customers have reduced vulnerabilities by 60%, achieved mean-time-to-remediation under 16 days, and accelerated remediation 10x faster than manual approaches. With seamless ITSM integrations, transparent security pipelines, and guaranteed outcomes, Mondoo bridges the gap between security and engineering to fix what matters most to the business. Media Contact Will Clark Marketbridge for Mondoo