Remediations

The Remediations page displays the number and types of exposures in the protected deployment. Exposures are color coded as red (High), orange (Medium), and yellow (Low). Scroll through the recommended remediations to find and flag the remediation actions to add to your remediation plan, execute the recommended steps, and increase the security of your environment.

You can click the deployment name to select another deployment for which you want to view results on this page.

To access the Remediations page, click the Remediation tab. The subheadings are Summary and List.

List

This view displays a list of the recommended actions to remediate exposures for the selected deployment. Scroll through the list to find and flag the remediation steps to perform to increase the security of your deployment.

You can use filters to narrow the list of remediation steps by searching by specified applications, auto scaling groups, environments, AMIs, load balancers, regions, security groups, subnets, tags, users, and/or VPCs.

If you like the filter set you created, save it for later use. Filter sets you create on the Remediations page are also available from the Dashboard page.

Other actions you can take on the list page include:

  • Click one or more Available Filters to add them to the Active Filters, and narrow your list of remediation steps. Click the "x" of an active filter to remove the filter from the list.
  • Click the remediation to display a description of the suggested remediation. From the description, you can click listed exposures, affected assets, and evidence entries to read more information about each. The description allows you to add the remediation to your plan, dispose of the remediation, or mark it as complete.
  • Click one or more remediation steps that you want to add to your remediation plan.
  • Click Plan to add selected remediation steps to your remediation plan.

Planned

Your remediation plan is a customized list of action items, selected from the Remediations page, that you want to track and address.

You can prioritize remediation steps by the date they were added:

  • Today
  • Past 7 Days
  • Past 30 Days
  • Past 6 Months

or by threat level:

  • High
  • Medium
  • Low
  • Info

Select a remediation step to mark the task as complete, dispose of the task, or remove the task from your plan.

Mark as Complete

If you mark the remediation step as complete, Alert Logic verifies the exposure no longer exists during the next deployment scan.

Dispose

If you dispose one or more remediation steps, Alert Logic marks them as disposed in future remediation suggestions, and ignores the exposures they represent when calculating the risk of your environment. Disposed remediations appear on the History page for a specified disposal period during which you can review them, and have the option to select them and restore them to your remediation plan. Upon expiration of the disposal period, Alert Logic no longer ignores the exposure, and the remediation step returns to the Remediations page.

Restore from my plan

If you restore a remediation step from your plan, the item becomes available on the Remediations page for other users to add to their plans.