Alert Logic has improved the content used to create security remediation groupings as part of continued investment in the Managed Detection and Response platform. With these improvements, Alert Logic now provides security remediations with more consistent and meaningful information, as well as enhanced remediation groupings that eliminate clutter and produce fewer related remediations.
Improvements to Security Remediation Groupings
Security remediation groupings have been enhanced in the following ways:
- Various forms of "Contact Vendor..." remediations have been replaced with a more consistent text - "Contact the vendor for information on how to fix this vulnerability."
- When applicable and available, the "Contact the vendor..." remediation is replaced with more detailed information from OVAL (Open Vulnerability and Assessment Language) definitions(1) and vendor advisories(2).
  - (1) More detailed values are provided when applicable products are available from OVAL. Example - "Update applicable Oracle Java JDK and Oracle Java JRE."
  - (2) More detailed values are provided when Vendor Advisories are available. Example - "Please contact the vendor advisory ADV200004 or contact your vendor for an upgrade."
- More consistent text has replaced other categories of remediations that had a variety of wordings. Examples of new remediations include:
  - Review for potential case of no patch available
  - Update to the latest version of Flash Player and/or AIR
  - Update to the latest version of PHP
  - Update to the latest version of Java SE, JRE, JDK, JavaFX, and/or JRockit
  - Update to the latest version of Adobe Reader and/or Acrobat
  - Update to the latest version of Google Chrome
  - Update to the latest version of Google Chrome and/or Microsoft Edge
  - Update to the latest version of Mozilla Firefox and/or Thunderbird
  - Run Windows Update or update Linux kernel
  - Run Windows Update or apply security patches
  - It is recommended that the user upgrade to the latest version of the distribution's kernel package
This change will result in a less cluttered remediation view, with more related vulnerabilities grouped under fewer and more consistent remediations.
View Open Remediations
Due to the changes described above, some previously disposed remediations may reappear. These remediations may need to be disposed of again based on the new values. To identify these newly re-opened remediations, review your list of open remediations for those that need to be re-disposed.
To review your open remediations in the Alert Logic console, follow these steps:
- Open the navigation menu and select Respond, then Exposures.
- If the drop-down menu at the top of the list of remediations/exposures reads Exposures, open the menu, and select Remediations.
- In the top-most list of filters on the left, select Open.
Additional Resources
For more details on managing exposures and remediations, see the following Alert Logic documentation: