After a security control is created, it does not immediately enter an Active state. You cannot create a control and immediately see it on a finding. All security controls go through the lifecycle outlined below, before they are fully active:
State | Definition | Take Action |
|---|---|---|
Disabled | The security control is not associated with at least one Asset or Network. | This is an initial state that must be updated as soon as possible. You must edit the control and add an association (Assets or Networks). |
Discovery | The control is newly created and associated with Asset Groups and Networks. | This state lasts for 24 hours. The platform is mapping assets. The control is not yet active. |
Active | The control has successfully matched at least one asset in the inventory. | The control is now live. The platform will re-verify this association at least every 24 hours. |
Inactive | The control was found to have no matching assets during its last check. | This health metric indicates that your Asset Group is outdated, the assets were decommissioned, or the control is stale. The platform checks for new Assets every 4 hours. |
View and edit security controls
Follow the steps below to view, edit, delete or copy security controls:
Navigate to to view a list of all previously created controls. Select the filter icon to narrow your search by the categories provided in the drop-down.
Right-click on a control to view all available actions. Select Edit Control to update control details and click Save.
Alternatively, you can also find Detected Controls and Detected Controls Coverage on the Vulnerability Issue ( → → page.