Vulnerability compensating controls are measures taken to mitigate the likelihood or impact of the damage that can be caused by an exploited vulnerability. In order to help an organization plan, track, and measure the implementation of compensating controls on a vulnerability, RiskVision enables users to create and assign vulnerability compensating controls.
While users can create their own vulnerability compensating controls and categories to hold them, RiskVision comes with the following by default:
Computer Compensating Controls (category)
Antivirus
- Application whitelisting
- Data loss prevention
- Encryption (at rest)
- Endpoint detection and response
- Host Intrusion Prevention
- IP blacklist
- IP whitelist
- Multi-factor authentication
- Network access control
- Web application firewall
Network Compensating Controls (category)
Firewall rules (category)
Example rule 1
Example rule 2
Network behavioral analysis
Network intrusion prevention
- Segmentation
Web content filtering
Vulnerability compensating controls can be viewed from the Vulnerability Compensating Controls grid in the Content menu by users with the Threats and Vulnerabilities View or Manage permissions. However, the root menu can only contain categories. Click on a category to view or create vulnerability compensating controls or sub categories.
The Vulnerability Compensating Controls grid provides the following information:
- Type: Whether the item is a category () or a compensating control ().
- Title: The name of the category or compensating control.
- Description: A short description of the category or compensating control.
- Created By: Who created the category or compensating control.
- Last Updated: When the category or compensating control was last edited.