Skip to main content

Using Risk Management

ERA gathers and analyzes data through risk scan tasks ran on selected devices in your network.

First, make sure the ERA module is activated from the policy applied to the selected devices:

  1. Log in to GravityZone Control Center.

  2. Go to the Policies page from the left side menu.

  3. Click the Add button and configure the General settings.

  4. Scroll to and select the Risk Management policy.

  5. Select the check box to enable the Risk Management features and start configuring policies that define how to run the Risk Scan task.

Next, follow these steps to run risk scan tasks and assess the results:

  1. Run a risk scan on your endpoints. You can do this using one of these methods:

    1. On demand - by selecting the endpoints from the Network page and sending a Risk scan task from the Tasks menu.

      Note

      For the risk scan to run on an endpoint, it must have a policy applied that has the Risk Management feature enabled.

    2. Scheduled - by configuring from policy a risk scan task that runs automatically on target endpoints at a defined interval.

    Note

    For more information refer to Running tasks.

    After the risk scan has finished successfully, GravityZone calculates a risk score for each endpoint.

  2. Access the Risk Management dashboard to obtain the following information:

    • The company risk score and score evolution

    • Risk scores and statistics broken down into misconfigurations, vulnerable applications, and affected devices

    • The description of each indicator of risk and the recommended remediation actions

  3. Access the Misconfigurations, Vulnerabilities, User behavior risks, Devices, and Users pages to analyze and mitigate the discovered misconfigurations, application vulnerabilities, and human based risks.

Note

For more information about the GravityZone Indicators of Risk, refer to GravityZone Indicators of Risk.

For more information about known application vulnerabilities, refer to the CVE Details website.