What is Vetting?

Vetting is an expert review process conducted by Astra’s security engineers to ensure that your vulnerability scan results are accurate, reliable, and free from false positives.

It bridges the gap between automated scanning and human expertise, giving you high-confidence reports that reflect true security risks in your environment.

Why This Matters

Automated scanners can sometimes flag issues that aren’t real threats or may miss the context of how a vulnerability applies to your setup. Vetting ensures that only confirmed, relevant vulnerabilities are presented, so your team can focus on fixing what truly matters.

What We Do During Vetting

Our security engineers manually review and validate each vulnerability reported by the scanner. The process includes:

• Reviewing reported vulnerabilities for accuracy and environmental relevance

• Confirming that findings represent real and exploitable security risks

• Providing a vetted report with expert validation and actionable insights

What You Get

After vetting, you receive:

• A high-confidence report containing only verified vulnerabilities

• Clear, actionable recommendations for remediation

• Expert validation from Astra’s security team

Turnaround Time

The average turnaround time for the vetting process is 5–7 business days, depending on the scope and volume of findings.