Skip to content
Furl Docs

Remediation Strategies

A remediation strategy is a method for fixing a remediation subject. It answers the question: “how do we remediate this?” A subject like Chrome might have multiple strategies — update via package manager, update via script, or uninstall entirely. Furl picks the best one based on confidence score and what the endpoint supports.

How strategies work

Section titled “How strategies work”

Strategies combine a type (what to do) with an execution method (how to do it).

Strategy types

Section titled “Strategy types”
TypeDescription
UpdateUpgrade to the latest or a fixed version
PatchApply a specific patch
UninstallRemove the software entirely
ConfigureChange a configuration to mitigate the issue
ManualHuman-performed remediation with instructions

Execution methods

Section titled “Execution methods”
MethodDescription
Package managerUse apt, Chocolatey, Homebrew, etc.
ScriptRun a remediation script on the endpoint
External toolDelegate to a connected provider like Automox, Action1, Intune, or JAMF
ManualProvide instructions for a human to follow

Strategy sources and visibility

Section titled “Strategy sources and visibility”

Strategies come from different sources with different visibility:

TierSourceWho can use it
GlobalCurated by the Furl teamEveryone
CommunityOpted-in customersOpted-in customers only
OrganizationA single customerThat customer only

Most subjects already have one or more global strategies, so you typically don’t need to author your own to get started.

Creating an organization strategy

Section titled “Creating an organization strategy”

When the default strategy for a subject doesn’t fit your environment, you can author your own. A common reason: your team already has a tested PowerShell script for installing Chrome that handles your specific GPO settings.

  1. Pick the subject — strategies are always attached to a remediation subject, not to a CVE or a finding.
  2. Pick the type — update, patch, uninstall, configure, or manual.
  3. Pick the execution method — package manager, script, external tool, or manual.
  4. Provide the implementation:
    • For package manager strategies, supply the package identifier (e.g., google-chrome-stable).
    • For script strategies, supply the script body and any preflight requirements.
    • For external tool strategies, reference the policy or workflow in the connected provider.
    • For manual strategies, write the instructions the end user (or an admin) should follow.
  5. Save. The new strategy is available immediately for scope matches; over time, its confidence score updates based on real outcomes.

Organization overrides

Section titled “Organization overrides”

Instead of authoring a brand-new strategy from scratch, you can override the default strategy for a subject by creating a client remediation policy. This lets a team say “for Chrome, always use our custom script instead of the global package manager strategy” without disabling the global strategy for everyone else.

Strategy selection

Section titled “Strategy selection”

When a target is ready for remediation, Furl picks a strategy in this order:

  1. Check for organization overrides — if you’ve defined a client remediation policy for this subject, use it.
  2. Find compatible strategies — filter by subject, by execution method compatibility (does the endpoint support the package manager? scripts?), and by OS.
  3. Rank by confidence score — pick the highest-confidence compatible strategy.

Selection is conservative by design: a strategy that has worked reliably in the past is preferred over a newer or less-tested option.

Section titled “Related”