View information about high-impact risk events and remediation steps that you must complete to achieve specific risk reduction goals.
Risk Reduction Measures provides a structured and targeted approach to
reducing your Risk Index. After you select a risk reduction goal, the widget displays
the risk
events with the highest impact on the Risk Index, the assets most affected by these
events, and
the recommended remediation steps. To access the widget, go to
.
NoteThe Risk Index automatically updates every four hours. Changes to the status of risk
events are reflected in the Risk Index after up to one hour. You may also manually
recalculate the Risk Index by clicking the Recalculate button. Manual recalculations take up to one hour to display.
Updating the Risk Index after remediation might take up to 24 hours to complete, depending
on the connected data sources used.
|
The following table outlines the actions you can perform on the widget.
Action
|
Description
|
||
Click Select a Goal to choose an available risk reduction goal or
specify your own goal.
|
|||
View a summary of the risk events that you must remediate to achieve the selected
goal
|
The widget shows information about risk events with the highest impact on your Risk
Index,
including the following:
Data in the summary table is updated every 4 hours while changes to asset details
take
effect immediately. Any inconsistencies might be resolved whenever the summary table
is
updated.
|
||
View information about the assets that were most impacted by each risk event
|
Click any risk event to view the list of most impacted assets with available remediation
actions. Attack Surface Risk Management recommends prioritizing these assets so you can achieve the selected risk reduction
goal.
The list only includes assets with risk events that are marked "New" and "In
progress".
|
||
Change the status of risk events.
|
To track your remediation progress, you can change the status of
risk events. Changing the status of risk events affects individual asset risk scores
and
ultimately your organization's Risk Index.
Risk events for all risk factors except for XDR detection can be marked as one of the five following statuses:
The status of XDR
detection-related risk events that have an assigned workbench alert can only be changed
in the Workbench app.
|
||
Create event rules for risk event instances
|
When marking a risk event as Dismissed, you may create an event rule so that future
instances of the event are not reported and do not contribute to your Risk Index.
When marking a risk event as Accepted, you may create an event rule that automatically
marks all current and future instances of the risk event as Accepted within a specified
time period. Accepted rules still contribute to your Risk Index.
To view, remove, reactivate, or edit previously created event rules, go to Event Rule Management.
|
||
Create or view a case for a risk event
|
Click the number in the case column to view current cases involving the specified
risk event. Click the options icon () to open a new case for the risk event or add the case to an existing risk event.
This option is not available for XDR detection or Vulnerabilities risk events.
|
||
View information about all actionable risk events.
|
Click All risk events to view the list of all risk events
identified in the last 30 days with available remediation actions. You can also view
information about all assets impacted by each risk event.
|
Displays the overall Risk Index overview for your organization over the last 7 days and the specific risk categories that
contribute to
the score.
The Risk Reduction Measures widget lists risk events and
related assets with the highest impact on your Risk Index and suggests effective remediation
steps based on your selected risk reduction goal. Click Select a Goal to
change the risk
reduction goal.