Analyzing recommendations for remediation

Review and manage the recommendation information that is provided by IBM® Security Risk Manager recommendation engine. Prescriptive recommendations help you to implement the remedial actions to mitigate risks.

Procedure

  1. On the home page, click the Menu icon.
  2. In the My applications section, click Risk Manager > Recommendations.

    By default, a list of recommendations for which the cases are not created, is displayed in tabular format on the Recommendations page. To view all the recommendations, click Clear filters. You can apply various filters to the recommendations list to focus on the content that you want.

  3. Select the relevant filters and click Apply filters.
  4. Review the details in the recommendations list view.
    Column Description
    Recommendation Prescriptive remediation actions that are suggested for mitigating the identified issues to reduce risk.
    Risk Risk level of the recommendation. Risk level is calculated by the recommendation engine according to the importance that you assign to various factors during risk configuration.
    Assets Number of the impacted assets for which the remedial actions are suggested.
    Threats Number of threats that are identified in the impacted assets.
    Vulnerabilities Number of vulnerabilities that are detected in the impacted assets.
    Category Category of the security controls to be implemented. For example, running vulnerability scan, encrypting data, or monitoring assets.
    Case ID Case identification number. Click the number to view the case summary and to open the Case Management application to view details of the cases.
    Risk areas Name of the risk areas that include the impacted assets for which the recommendations are suggested.
  5. To view details of a specific recommendation and to implement actions, click the selected recommendation. The following information is displayed.
    Asset overview
    View the count of threats and vulnerabilities that are found in the affected assets in the form of a graph chart.
    • Number of threats.
    • Number of weaponized vulnerabilities with exploits.
    • Number of vulnerabilities for which the weaponized code is not needed for exploitation.
    • Number of vulnerabilities with attack chaining capability.
    • Number of vulnerabilities with actions on objectives.
    Risk score
    Risk level of the recommendation. Risk level is calculated by the recommendation engine according to the importance that you assign to various factors during risk configuration.
    Total number of assets
    Total number of affected assets for which a remedial action is suggested.
    Risk areas
    Name of the risk areas and the risk score that contains the affected assets. A risk area is a logical group of threats of similar nature that are aggregated from various security products.
    Tags
    The tags that are assigned to the assets. Tags are assigned to the assets based on multiple criteria. For example, criticality of the asset or business context.
    Case ID
    Case identification number. Click the number to view details of the case that you created and to open the Case Management application. The cases that you created are managed in the Case Management application to track them to closure.
  6. Click Manage assets to view asset details.
  7. Click Remediate now to create a case in the Case Management application. The Remediate now option is enabled only for the recommendations for which the case is not yet created.

What to do next

Create a case by specifying the necessary details. For the steps, see Creating a case to remediate issues.