Policy Monitor Use Cases
Many options are available when you create questions to analyze your network for risk.
The following Policy Monitor examples outline common use cases that you can use in your network environment.
Prioritizing High Risk Vulnerabilities by Applying Risk Policies
In JSA Vulnerability Manager, you can alert administrators to high-risk vulnerabilities by applying risk policies to your vulnerabilities.
When you apply a risk policy, the risk score of a vulnerability is adjusted, which allows administrators to prioritize more accurately the vulnerabilities that require immediate attention.
In the following example, the vulnerability risk score is automatically increased by a percentage factor for any vulnerability that remains active on your network after 40 days.
- Click the Vulnerabilities tab.
- In the navigation pane, click Manage Vulnerabilities.
- On the toolbar, click Search >New Search.
- In the Search Parameters pane, configure the
Risk Equals High
Days since vulnerabilities discovered Greater than or equal to 40
- Click Search and then on the toolbar click Save Search Criteria.
Type a saved search name that is identifiable in JSA Risk Manager.
- Click the Risks tab.
- In the navigation pane, click Policy Monitor.
- On the toolbar, click Actions >New.
- In the What do you want to name this question field, type a name.
- In the Which tests do you want to include in your question field, click are susceptible to vulnerabilities contained in vulnerability saved searches.
- In the Find Assets that field, click the underlined parameter on the are susceptible to vulnerabilities contained in vulnerability saved searches.
- Identify your JSA Vulnerability Manager high risk vulnerability saved search, click Add, then click OK.
- Click Save Question.
- In the Questions pane, select your question
from the list and on the toolbar click Monitor.
The Event Description field is mandatory.
- Click Dispatch question passed events.
- In the Vulnerability Score Adjustments field, type a risk adjustment percentage value in the Percentage vulnerability score adjustment on question fail field.
- Click Apply adjustment to all vulnerabilities on an asset then click Save Monitor.
On the Vulnerabilities tab, you can search your high risk vulnerabilities and prioritize your vulnerabilities.