Overview
This article explains how mitigation plans work in Hyver and how they help you manage cybersecurity risk effectively. You'll learn what each plan includes, how to interpret the key insights, and what each section of the screen tells you about your progress.
Understanding how to read and manage plans is essential for prioritizing remediation efforts and measuring their impact.
Viewing and Understanding Mitigation Plans
Mitigation plans in Hyver are structured projects that help you organize and track how you're addressing security findings. Each plan contains a list of findings and remediation assets, and defines the expected timeframe and goals for reducing risk.
To view your plans, click the Plans icon in the navigation pane on the left:
Insights Panel
At the top of the screen, Hyver gives you a snapshot of your organization’s risk and maturity status:
Organization exposure – Current exposure level across your business assets.
Target exposure – The exposure level you're aiming to reach through mitigation.
Projected reduction for all plans – How much exposure will drop if all plans are completed.
Organization maturity – Your current cybersecurity maturity score.
Target maturity – The goal maturity level you’ve set.
Industry maturity – Average maturity for your industry sector, for benchmarking.
Plan List and Details
Each plan in the list shows the following information:
Plan name – Custom name for the plan.
Exposure reduction – Estimated exposure drop if all findings in the plan are fixed.
Business asset protection – Which business assets will benefit from the plan's mitigations.
Security domain – Relevant security domains impacted by the plan.
Mitigation progress – Two progress bars:
Fixed findings (% of findings resolved).
Time remaining (% of days left until the end date).
Start date / End date – Expected time window for completing the plan. (You can still mitigate findings after the end date.)
Critical to block – Number of high-priority items remaining in the plan.
Findings – Percentage of all organizational findings included in this plan.
Remediation assets – Total number of assets tied to the plan’s findings.
Created by / Modified by – Who created and last edited the plan.
Plan status – Automatically updated by Hyver:
Pending – Before the start date.
In Progress – Between the start and end dates.
Completed – After the end date, regardless of progress.
Plan Details Pane
When you select a plan, the right-hand pane provides:
Plan name
Exposure reduction – Specific reduction if all items are fixed.
Plan status and details – A summary view and a history of updates:
Important notes
Each plan is independent. You can create multiple plans tailored to different priorities.
Findings in a plan can come from one or more engagements, and not all findings appear in the Mitigation Graph.
The priority of the plan itself is not the same as the recommended priority shown for individual findings.
Wrap-up / Next Steps
Mitigation plans in Hyver give you a clear, structured way to track your remediation efforts and show how each action contributes to lowering risk. They also help connect technical fixes to business outcomes — so you know what’s getting safer, and why.
Ready to create your own plan? See also: [Creating a Plan]