Simulate Vulnerability Patch Scenarios

Patch recommendations will appear only after you have successfully created an attack scenario.

The recommended remediation actions for the identified vulnerabilities in the current attack scenario can be used to perform what-if analysis by testing the effect of applying selected recommendations to the current attack scenario. Most recommendations will address multiple vulnerabilities at once.

Recommendations are listed from those that protect the largest asset value for the smallest effort, to those that protect the least asset value for the largest effort. Each recommendation is independent, so the same host vulnerability might appear in more than one recommendation.

Each path highlighted by Risk Analyzer is unique and has exactly one patch associated with it. After you simulate an attack and analyze the results in the All Assets >Attack pane, the pane lists recommended patches for each network vulnerability detected. The patches that would fix the most vulnerable network segments and attack paths, or involve hosts with the highest value to the business, are listed at the top. Recommended patches are sorted by priority based on all the paths associated with the originating network segment.

Using the attack pane, you can test different patch scenarios to see how effective they would be in securing the selected network segment by how much they would reduce the risk score.

To patch network vulnerabilities, complete the following steps.

  1. Click beside a patch to view the assets included in the patch.

A condensed list of the vulnerabilities on that asset appears. A single risk score appears on the risk meter bar.

  1. Click beside a Asset ID to view the assess.

    A detailed list of the vulnerabilities on that asset appears. A single risk score appears on the risk meter bar.

  1. Select the check box beside each recommended patch scenario you want to implement. The patches for higher risks will have the greatest effect.
  2. Click Recalculate.

Risk Analyzer removes the selected attack path you patched is removed form the map, and a new 360° attack on the network is simulated, originating from the network segment you originally selected. A totally new attack scenario is mapped, and a new, lower risk score appears on the risk meter bar and at the top of the attack pane in place of the old risk score.

  1. Optional. To return to the original risk context, click on the highest risk score (example: ) on the risk meter bar.
  1. Select the check box next to the new recommended patch scenarios you would like to implement.
  2. Click Recalculate.

When you have selected the check box next to every recommended patch, the pane will display a message that reads "The attack did not result in any recommendations."