To begin working on controls recommended by SpinOne, head to Posture Management from the left panel and click on Controls from the dropdown.
You'll notice that each control has some information around it.
- Severity - the criticality of the control (high, medium, low, info)
- Control - subject and description of each control
- Status - representation of the current completion status of the control
- Points achieved - each control has a different number of points and based on completion, customers can achieve none, all or partial
- Category - which security category the control belongs in
- Standards - known & existing benchmarks and frameworks that the control meets
Each control has these sections filled in to immediately give customers information about the control's purpose, severity and status.
Clicking on each control opens up more information and actions customers can take.
- Description - a more detailed explanation of the control and potential issues if not configured correctly
- Insights - information on assets that meet or do not meet parts of the control
- Actions - detailed explanation on how to configure the control correctly
- [NEW] Manage & Share - ability to change status or share control to an integration (Explained in more detail below)
[NEW] Manage & Share
Manage allows customers to change the status of the control manually. There are two possible statuses that can be granted manually:
- Risk Accepted - Control has not been implemented but imposed risk has been accepted
- Alternative Resolution - Control has been fully implemented through alternative methods
To put controls in these statuses, customers must also specify their reasoning and add additional notes.
Share allows customers to share the control to Email, Jira & ServiceNow integration. This can help to delegate the control to different departments within the organization by creating a ticket for them, or can even act as a way to notify End Users on changes they need to make from their end.