Docs
User Guide
Risks

Risks

The Risk Management section helps you identify, track, and remediate security gaps in your infrastructure. It is divided into two main areas: Findings and Benchmark Reports.

Findings

The Findings page highlights the misconfigurations or security risks detected within your infrastructure. It provides an overview of the identified issues, enabling you to prioritize and address them swiftly.

  • Histogram: A visual representation of the controls with the highest number of findings. This helps you quickly identify areas that need the most attention.

  • Control List: A detailed list of controls, grouped by resources, allowing you to drill down and understand which devices or networks are affected by each finding.

Remediation Actions

For each finding identified within the Findings section, the platform provides Remediation to guide you through the process of addressing and resolving the misconfigurations or security risks.

Each control will provide a set of clear and actionable steps that can be taken to remediate the issue, reducing the security gap. Additionally, you have the option to mute a finding. Muting a finding will temporarily suppress its visibility, allowing you to focus on other priorities. Muted findings can be unmuted at any time, giving you the flexibility to revisit them when needed.

Benchmark Details

The Benchmark Reports section allows you to evaluate your facility’s security posture against established benchmarks. You may have several benchmarks configured, such as:

  • MITRE ATT&CK for ICS
  • NIS2
  • NIST 800-82
  • TISAX

For each benchmark, the relevant security controls are mapped automatically to provide a comprehensive view of your compliance. The platform generates a detailed report that includes:

  • Compliance Position: An overview of how well your infrastructure meets each benchmark.
  • Mapped Controls: A breakdown of which security controls align with the requirements, helping you track compliance and understand areas where improvements are needed.

How Often are Risk Controls Evaluated?

Security controls inside the risk section are evaluated along with the inventory refresh, which happens every eight hours.

It is possible to force a manual refresh from the “Refresh Resources” button in the Settings.

InventoryVulnerability Management