Skip to main content

Endpoint Risk Analytics (ERA)

Endpoint Risk Analytics (ERA) helps you assess and harden your endpoints security configurations against industry best practices, to minimize the attack surface.

Important

Endpoint Risk Analytics module is available only for supported Linux and Windows desktop and server operating systems.

ERA gathers and analyzes data through risk scan tasks ran on selected devices in your network.

  1. Go to the Policies page.

  2. Click the Add button and configure the General settings.

  3. Scroll to and select the Risk Management policy.

  4. Select the check box to enable the Risk Management features and start configuring policies that define how to run the Risk Scan task.

Note

For more information about the GravityZone Indicators of Risk, refer to GravityZone Indicators of Risk.

For more information about known application vulnerabilities, refer to the CVE Details website.

Running the Risk Scan task

Follow these steps to run risk scan tasks and assess the results:

  1. You can run risk scan tasks on endpoints in two ways:

    1. On demand - by selecting the endpoints from the Network page and sending a Risk Scan task from the Tasks menu.

    2. Scheduled - by configuring from policy a risk scan task that runs automatically on target endpoints at a defined interval.

    Note

    For more information refer to Running tasks.

    After the risk scan has finished successfully, GravityZone calculates a risk score for each endpoint.

  2. Access the Risk Management dashboard to obtain the following information:

    • The company risk score and score evolution

    • Risk scores and statistics broken down into misconfigurations, vulnerable applications, and affected devices

    • The description of each indicator of risk and the recommended remediation actions

  3. Access the Security Risks page to analyze and mitigate the discovered misconfigurations, application vulnerabilities, and human based risks.

In this section: