White shape | Hexiosec Logo

Simplify Your Cyber Risk Management with Actions

Nicola Chapman
26 May 2023
|
2 min Read
|
Nicola Chapman

The first step when looking to improve your cyber security posture is understanding the risks you are vulnerable to, but once you have visibility of these risks, you then need to plan how to tackle them.

Hexiosec ASM’s powerful Actions feature helps you to understand and prioritise the actions you need to take to improve the security of your attack surface.

What is an Action?

As the name suggests, an ‘Action’ is a thing you need to do to resolve one or more risks against your attack surface. Instead of just giving you a long list of risks for you to investigate, Hexiosec groups your risks together based on the resolution required and the domain or IP address the risks are against.

For example, if there are multiple different Critical Vulnerabilities & Exposures (CVEs) against an out of date version of PHP you are using, one Action will be raised to update PHP on the domain it’s used on.

Similarly, if you have more than one risk relating to a certificate, one action will be raised by Hexiosec to resolve all issues with that certificate.

List View of Advised Actions

Action management

Now you’ve got a list of actions you need to take, you can use Hexiosec to manage these through to resolution.

The Kanban board view allows you to prioritise and track progress of the actions.

Unplanned Actions on Kanban Board

You can view the description & remediation help, assign an owner, add due dates and add notes. You can also view the individual risks that have been grouped into the action.

Remediation & Vulnerability Advice

Resolution

Each time Hexiosec ASM rescans your attack surface, it is checking to see whether the risks that were previously identified are still present.

When the risks under an action are no longer detected, the action will automatically be marked as resolved, giving you confirmation that your fixes or other remediation activities have been successful.

Actions - Resolution Kanban Board

In addition to this, notifications can be configured to alert you when risks that were previously detected are no longer found.

For more information about notifications you can read this blog: How to get the most out of your Hexiosec notifications.

About Nicola Chapman
Nicola is the Product Manager for Hexiosec, working closely with the ASM engineers to represent our customers' and users' needs. She has over 10 years product management experience building products to help solve real world problems for businesses.
Nicola Chapman