0
3.0.1
Yokohama, Xanadu, Washington DC, Vancouver
Mitigation controls monitoring automatically identifies how security tools such as endpoint protection (EDR) and web application firewall (WAF) are configured in your environment and what MITRE techniques are mitigated as a result. These mitigations are mapped to vulnerabilities so that your vulnerability managers can automatically reduce risk scores for vulnerable items based on available mitigation controls.
The following use cases are supported:
- Mitigation controls policies included with the application that help you identify various mitigations present on your assets based on how different security controls and tools are configured.
- Identify if your assets have Web Application Firewall (WAF) protection.
- Automatically map the WAF mitigation to vulnerable items by analyzing the policy signatures in the firewall and the Common Vulnerabilities and Exposures (CVE) information.
- Identify exploit mitigation controls from endpoint protection or Endpoint Detection and Response (EDR) tools like CrowdStrike and Microsoft Defender for Endpoint.
- Automatically map the EDR exploit mitigation controls to relevant vulnerable items by analyzing the vulnerability information and the EDR mitigation control configuration.
- Populate vulnerable items with relevant attributes that can be used in your Vulnerability Response risk calculator rules.
- Monitor assets for internal security compliance standards by creating custom mitigation control policies using advanced configuration data from EDR tools.
- View a mitigation controls summary on the dashboard and drill down to see the underlying assets.
- Supported Web Application Firewall tools include F5 Big-IP.
- Supported Endpoint Protection or EDR tools include CrowdStrike and Microsoft Defender for Endpoint.
Fixed:
- F5 Big-IP integrations timing out with the Mid Server.
Dependencies
- Security Integration Framework
- Security Support Common
- Vulnerability Response Common