How to manage my risk insights
Updated over 3 weeks ago

All Risk Insights detected on your external attack surface can be found in the “Risk Insights” menu, with specific use cases and key information that let you quickly understand the risk discovered.

Example with an administration panel interface discovered on your external attack surface:

Exposing this interface is not a directly exploitable security risk; however, it is not good security practice.

We know that in a specific security context, a Risk Insight can be considered a real security matter for your infrastructure, and of course you want to fix it.

To do so, you have two options:

  • If you don’t want to consider this Risk Insight as a “Qualified Vulnerability”, you can simply follow the remediation directly in the Risk Insights menu. Our automation continuously checks whether the interface is still reachable by our probes. If it is not, the Risk Insight status will automatically be set as “Done”, indicating that our probes are no longer able to reach the interface or service:

⚠️ If fixing a Risk Insight does not result in the service being closed (example: you replace your email SEG with a more secure one), a new Risk Insight will be created for the new product, and the old one will automatically be set as “Done”. This gives you a proper history of all operations performed on your external attack surface.

Example: changing the SEG provider from Azure to Mailinback

  • If you want to track the Risk Insight precisely and obtain a related, detailed remediation plan, you can create a “Qualified Vulnerability” from a Risk Insight. To do so, select the Risk and click on “Action”, then “Create Vulnerability”. A Qualified Vulnerability will then be created in the related menu, appearing with the source “Risk Insight”.

This gives you a proper and detailed remediation plan, and lets you track the remediation precisely as a Qualified Vulnerability (add an owner, open a ticket, add comments, automatic retests with dates, etc.).

🗒️ When the Qualified Vulnerability is seen as “fixed”, the related Risk Insight in the Risk Insights menu will automatically be set as “Done”.
