Skip to main content

Risk Management

Note

This module is available for:

  • Windows for workstations

  • Windows for servers

  • Linux

The Endpoint Risk Analytics module helps you identify and remediate a large number of network and operating system risks at the endpoint level via risk scan tasks that can be configured in policy to run recurrently on target endpoints.

You can choose from a large list of indicators of risks for scanning your endpoints and determine if they are vulnerable.

To configure ERA:

  1. Select the check box to enable the Risk Management feature and start configuring policies that define how to run the Risk Scan task.

  2. In the Scheduler section you can set the risk scan schedule for target endpoints:

    1. Specify the start date and time for the scheduled risk scan.

    2. Choose the scan recurrence type:

      • Periodically, by a specified number of hours / days / weeks

      • By weekday

      Important

      Endpoints must be powered-on when the schedule is due. A scheduled scan will not run when due if the machine is turned off, hibernating or in Sleep mode. In such situations, the scan will be postponed until next time. The scheduled scan will run at the target endpoint local time. For example, if the scheduled scan is set to start at 6:00 PM and the endpoint is in a different time zone than Control Center, the scanning will start at 6:00 PM (endpoint time).

    3. Optionally, you can specify what happens when the scan task could not start at the scheduled time (endpoint was offline or shutdown).

      Use the If scheduled run time is missed, run task as soon as possible option according to your needs:

      • When you leave the option unchecked, the scan task will attempt to run again at the next scheduled time.

      • When you select the option, you force the scan to run as soon as possible. To fine-tune the best timing for the scan runtime and avoid disturbing the user during the work hours, select Skip if next scheduled scan is due to start in less than, then specify the interval that you want.

Risk scan tasks run with all the indicators of risk activated by default.

After a risk scan task has finished successfully, you can go to the Misconfigurations tab of the Security Risks page, analyze them and choose which indicators to ignore, if needed.

The overall company risk score will be recalculated based on the ignored indicators of risk.

Note

For more information about risk management with GravityZone, refer to Endpoint Risk Analytics (ERA).

In this section: