How DX Fabric helps diagnose and remediate security vulnerabilities

Kali Watkins

Product Marketing

Recent advances in AI have changed the conversation around software security.

Models like Anthropic’s Mythos Preview have demonstrated the ability to identify and exploit software vulnerabilities at a level beyond most human experts, reportedly uncovering thousands of zero-day vulnerabilities across major operating systems and web browsers. As AI accelerates vulnerability discovery, engineering organizations face increasing pressure to understand where security risks exist and remediate quickly.

Most organizations already have tools that surface security findings. The challenge is understanding those findings in context: where vulnerabilities exist, who owns them, and whether issues are being addressed within expected timeframes.

Security findings often live across multiple systems. Leaders may know vulnerabilities exist but struggle to answer questions like: Which services have the largest concentration of critical vulnerabilities? Are security issues being resolved within expected SLAs? Where are the biggest hotspots across the organization?

Fabric helps answer these questions by bringing together vulnerability data and entity ownership, visualizing it in scorecards, and making it easy to take action on remediation.

Diagnosing vulnerabilities

Fabric brings together security findings from tools like GitHub Security, Snyk, Checkmarx, Wiz, Sentry, and more into a single view. Teams can also push custom vulnerability data into Fabric from bespoke or homegrown tooling.

Once vulnerability data is in Fabric, scorecards help teams understand which repositories have open vulnerabilities, how severe those vulnerabilities are, and whether they’ve exceeded SLA targets.

Scorecards can also be rolled up through the organizational hierarchy. Instead of only seeing vulnerabilities at the repository level, leaders can understand how issues are distributed across teams, managers, and business units.

For example, a CISO might see 20,000 repositories with critical vulnerabilities out of SLA. From there, they can drill down to identify which VPs, teams, or repository owners are responsible and where the largest concentrations of unresolved issues exist.

A VP of Engineering could then see that 1,000 of those vulnerabilities sit within their organization, and identify which managers or teams own the largest concentration of unresolved critical vulnerabilities.

Rather than reporting only on the number of vulnerabilities, Fabric links vulnerabilities to ownership and organizational context, making it easier to prioritize remediation efforts.

Taking action on remediating vulnerabilities

Once vulnerabilities have been identified, Fabric helps engineering leaders drive remediation at scale. Rather than manually tracking down repository owners or reminding teams about overdue issues, leaders can create workflows tied directly to vulnerability conditions.

For example, a VP of Engineering might see that dozens of repositories have critical vulnerabilities out of SLA. Rather than coordinating follow-up manually, they can create an Initiative tied to that condition. An Initiative could target all repositories with critical vulnerabilities older than 30 days and automatically notify owners weekly until the issues are resolved.

In addition to standard automated notifications, organizations can automate personalized messages from leadership rather than from a system. This allows organizations to combine structured remediation workflows with more personalized follow-up when needed.

Security issues often persist because ownership is unclear, follow-up is inconsistent, or remediation depends on manual coordination across teams. Fabric reduces operational overhead by linking vulnerabilities to owners, automating accountability, and creating repeatable remediation workflows.

Taking it a step further

The same workflow can also be extended to AI agents via the DX CLI, enabling them to query Fabric for vulnerability context, identify issues that need attention, and help drive remediation.

Because Fabric connects vulnerabilities to repositories, ownership, and scorecards, engineers can give agents the context needed to identify and remediate issues. For example, an engineer working in a repository could instruct an agent to check DX for critical vulnerabilities, determine whether any are out of SLA, and propose or implement fixes.

Rather than searching across multiple systems, the agent can use Fabric to understand which alerts exist, which repository they affect, who owns them, and what needs to be prioritized. This helps automate more of the remediation process, reducing the time spent diagnosing issues and coordinating follow-up work.

Final thoughts

As AI changes how vulnerabilities are discovered, engineering organizations will need faster ways to diagnose issues, assign ownership, and drive remediation. Fabric helps connect security findings to organizational context and operational workflows, making it easier for teams to move from identifying vulnerabilities to getting them fixed.

If you’re a Fabric customer and are interested in setting up a similar initiative, contact your DX representative. If you’re interested in learning more, request a demo.

 

Last Updated
June 2, 2026