Using Risk Management
ERA gathers and analyzes data through risk scan tasks ran on selected devices in your network.
First, make sure the ERA module is activated from the policy applied to the selected devices:
Log in to GravityZone Control Center.
Go to the Policies page from the left side menu.
Click the Add button and configure the General settings.
Scroll to and select the Risk Management policy.
Select the check box to enable the Risk Management features and start configuring policies that define how to run the Risk Scan task.
Next, follow these steps to run risk scan tasks and assess the results:
Run a risk scan on your endpoints. You can do this using one of these methods:
On demand - by selecting the endpoints from the Network page and sending a Risk scan task from the Tasks menu or by using the Scan button available above the risks grids under the Misconfigurations, Vulnerabilities, User behavior risks, Devices, and Users pages
Note
For the risk scan to run on an endpoint, it must have a policy applied that has the Risk Management feature enabled.
Scheduled - by configuring from policy a risk scan task that runs automatically on target endpoints at a defined interval.
Note
For more information refer to Running tasks.
After the risk scan has finished successfully, GravityZone calculates a risk score for the company risk score, endpoints(devices), users, vulnerable applications, misconfigurations, and human based risks.
Access the Risk Management dashboard to obtain the following information:
The company risk score and score evolution.
Risk scores and statistics.
The description of each indicator of risk and the recommended remediation actions.
Access the Misconfigurations, Vulnerabilities, User behavior risks, Devices, and Users pages to analyze and mitigate the discovered misconfigurations, application vulnerabilities, and human based risks.
Note
For more information about the GravityZone Indicators of Risk, refer to GravityZone Indicators of Risk.
For more information about known application vulnerabilities, refer to the CVE Details website.