- November 16, 2021: Added navigational instructions for the Continuous Monitoring application.
- April 15, 2021: Added navigational instructions for the SPM Application.
- June 27, 2019: Published.
The Remediation Strategy panel highlights findings that have had the highest impact on an organization’s security rating over the last 60 days. Use this to determine which risk vectors have the largest possible improvement on an organization’s security posture if remediated.
How it Works
The top 5 most pressing and heavily weighed risk vectors are prioritized from over a 60-day period to help you focus on the risk vectors with the largest potential impact.
The ranking in which the risk vectors are shown is based on the number of recent findings and their severity. The rating impact is measured by how much a rating would change if there were no new observations in a particular risk vector.
The following example remediation strategy shows TLS/SSL Configurations and Web Application Headers as the risk vectors that will have the largest positive impact. Remediation efforts should be focused on these risk vectors:
- Compromised Systems: Calculated as if no new events in that particular risk type had been observed in the 60-day period.
- Diligence: Calculated as if findings with non-GOOD finding grades are converted to GOOD.
This is not intended to be viewed as the total number of available points to possibly earn, as only the top 5 risk vectors are listed in the panel.
Learn more about other remediation strategy tools, such as Rating Improvement.