The first step in improving your cyber security posture is understanding the risks you are exposed to, but once you have visibility of these risks, you then need to plan how to tackle them.
What is an Action?
As the name suggests, an ‘Action’ is a thing you need to do to resolve one or more risks against your attack surface. Instead of just giving you a long list of risks for you to investigate, FractalScan Surface groups your risks together based on the resolution required and the domain or IP address the risks are against.
For example, if there are multiple different Common Vulnerabilities and Exposures (CVEs) against an out-of-date version of PHP you are using, one Action will be raised to update PHP on the domain it’s used on.
Similarly, if you have more than one risk relating to a certificate, one action will be raised by FractalScan Surface to resolve all issues with that certificate.
Now that you have a list of actions you need to take, you can use FractalScan Surface to manage them through to resolution.
The Kanban board view allows you to prioritise and track progress of the actions.
You can view the description & remediation help, assign an owner, add due dates and add notes. You can also view the individual risks that have been grouped into the action.
Each time FractalScan Surface rescans your attack surface, it checks whether the risks that were previously identified are still present.
When the risks under an action are no longer detected, the action will automatically be marked as resolved, giving you confirmation that your fixes or other remediation activities have been successful.
In addition to this, notifications can be configured to alert you when risks that were previously detected are no longer found.
For more information about notifications you can read this blog: How to get the most out of your FractalScan Surface notifications.