In cybersecurity, remediation refers to the process by which organizations identify and resolve existing threats in their systems. In other words, it is the process by which risk is identified, assessed, flagged, prioritized and resolved. Partial remediation is when a threat is only partially removed from the system, leaving some of it in the network even after the security team thinks the attack has been resolved.
This typically occurs from poor network visibility and a lack of information available. This means that the threat can continue to infect the organization’s network and pursue its malicious goal which can be to steal information, hurt operations or damage software and hardware. Providing the context of a threat can help prevent partial remediation because it can help to guide the security team as they prioritize threats and warnings. Without proper context, emphasis could easily be placed in the wrong place and leave a threat dwelling in the system’s network and cause partial remediation.