Posture Management Controls Configuration

Learn how to configure posture management controls for increased security of your system.

Written By Davit Asatryan (Administrator)

Updated at August 28th, 2023

To begin working on controls recommended by SpinOne, head to Posture Management from the left panel and click on Controls from the dropdown.

You'll notice that each control has some information around it.

 

Control Breakdown

  1. Severity - the criticality of the control (high, medium, low, info)
  2. Control - subject and description of each control
  3. Status - representation of the current completion status of the control
  4. Points achieved - each control has a different number of points and based on completion, customers can achieve none, all or partial
  5. Category - which security category the control belongs in
  6. Standards - known & existing benchmarks and frameworks that the control meets

 

Each control has these sections filled in to immediately give customers information about the control's purpose, severity and status.

 

Control Overview

Clicking on each control opens up more information and actions customers can take.

  1. Description - a more detailed explanation of the control and potential issues if not configured correctly
  2. Insights - information on assets that meet or do not meet parts of the control
  3. Actions - detailed explanation on how to configure the control correctly
  4. [NEW] Manage & Share - ability to change status or share control to an integration (Explained in more detail below)

 

[NEW] Manage & Share

Manage allows customers to change the status of the control manually. There are two possible statuses that can be granted manually:

  • Risk Accepted - Control has not been implemented but imposed risk has been accepted
  • Alternative Resolution - Control has been fully implemented through alternative methods

To put controls in these statuses, customers must also specify their reasoning and add additional notes.

 

Share allows customers to share the control to Email, Jira & ServiceNow integration. This can help to delegate the control to different departments within the organization by creating a ticket for them, or can even act as a way to notify End Users on changes they need to make from their end.

Was this article helpful?