Question

Tracking and Closure of Security Findings in Assessments

  • 31 October 2023
  • 1 reply
  • 36 views

Badge

I am currently conducting Best Practice assessments for the Email gateway team, endpoint security, web application firewall, and web gateway. After forwarding the assessment reports to the respective teams, they have confirmed that they have implemented the recommended mitigations. However, I'm facing a challenge in tracking the closure of these findings. The issue is that when I conduct future best practice assessments, I often discover new findings, and only a few from the previous assessment have been addressed.

I'm seeking a solution, idea, or concept to effectively track the closure of my findings to ensure that recommended actions are implemented and that progress is made over time.


1 reply

Userlevel 3
Badge +3

 Hello @kumar_shanu !

To begin, it would be really helpful if you could share some examples of the findings you frequently come across in your assessments.

When it comes to tracking the results of your assessments and ensuring that recommended actions are implemented, there are a few suggestion.

The first is to utilize the drift detection dashboard, which is a global dashboard covering all modules. Alternatively, you can create custom dashboards tailored to your specific needs.

For instance, you can create a widget that displays a list of findings from all assessments that are currently prevented, but were not prevented in their previous status:

Additionally, you can include a Score trend widget to visualize the overall improvement over time:

To track negative drift , you can set up widgets to filter findings with the current status as "not prevented" and the previous status as "prevented."

 

If you need assistance with setting up these dashboards or have specific requirements, please feel free to reach out. We're here to help you find the best solution for your tracking needs.

Reply