The Platform introduces Automatic Dynamic Remediation, a ground-breaking feature that automates the management of vulnerabilities. This capability allows for seamless remediation of past issues that were not detected in recent scans, providing users with a robust and efficient tool for ongoing vulnerability management.
Setting Up Dynamic Remediation:
Navigate to 'Projects' in the Menu.
Select your desired Project from the list.
On the 'Edit Project' screen, choose your preferred setting:
Enabled with human intervention
Enabled without human intervention
Option to disable the feature
Click ‘Save Project’ to apply your settings.
(Optional) Enable the “Ignore Missing Assets?” option.
“Ignore Missing Assets?” - This option instructs the Dynamic Remediation (DR) process to ignore missing assets when comparing assets between the latest scan and the previous scan. The option was introduced to address situations where the accessibility of certain asset types (particularly client laptops/workstations) changes at the time of each network scan - i.e. for the scan, some assets are joined to the network and accessible, whilst others may have left the network and are inaccessible (to the network scanner). |
Dynamic Remediation with Human Intervention:
Upon closing a subsequent scan, the Platform provides a detailed comparison report between the latest and previous scans.
The report highlights missing hosts, changes in ports, and potential issues for automatic remediation.
Users have options to cancel, complete without remediation, or complete and remediate based on the report.
Dynamic Remediation without Human Intervention - Fully Automated:
The Platform offers a fully automated approach, ideal for large digital estates.
This setting autonomously compares and remediates issues based on scan differences, enhancing efficiency and security.
When applying this setting, the user has the option to set a delta tolerance level. a setting that enhances control over automated dynamic remediation actions. This feature is designed to prevent incorrect or premature Auto DR actions caused by problematic scan imports, such as those with the wrong scope or incomplete data. Key points:
Configurable Change Threshold: Users can now set a specific Delta Tolerance Level for detected changes within the Auto DR calculation. If the amount of changes exceeds the predefined percentage (ranging from 10% to 90%), the scan will require human intervention.
Safeguard Against Erroneous Auto DR: This new setting acts as a safeguard, ensuring that significant changes detected in a scan are verified by a human before any remediation is applied.
Notification System: When the threshold is triggered, the system will send both an email and an in-platform notification to all users with access to the project, alerting them that the scan requires review.
Fully Automated Process: Streamlines end-to-end vulnerability management, reducing the need for manual intervention.
Flexibility and Control: Offers users the ability to tailor the automation level to their needs.
Simplified Remediation: Automates the identification and remediation of vulnerabilities, improving operational efficiency.
Enhanced Security: Quickens the response to vulnerabilities, mitigating risks and enhancing security.
Monitoring and Insights:
Scan-by-Scan Tracking: Monitor the progress of remediation after each scan, ensuring transparency and effectiveness.
Project Insights: Gain valuable insights into the overall progress of your vulnerability management efforts.
Access additional metrics in the Dynamic Remediation tab at both scan and project levels to measure remediation effectiveness and identify improvement areas.
The Platform's Automatic Dynamic Remediation feature offers a comprehensive solution for managing vulnerabilities with ease and precision. By leveraging its automated capabilities, you can ensure effective and efficient resolution of vulnerabilities, bolstering your organization's cybersecurity resilience.