Use compensating control effectiveness rules to automate effectiveness mapping for common, frequently repeated, high-confidence risk mitigation scenarios. Effectiveness rules reduce the time you spend manually triaging issues.
Note
Only users with the role Exposure Management Administrator can create effectiveness rules.
Follow the steps below to create an effectiveness rule:
Navigate to → → → and select Create New Effectiveness Rules.
Enter the required rule details in the fields as shown below:
Name: e.g., NGFW-Effective-Rule
Description: Automatically marks all NGFW-protected vulnerability findings as Effective.
Issue Category: Vulnerability (A rule is restricted to a single Issue Category).
Source Risk: This is the "IF" condition. You can select CVE-ID, PRISMA-ID, GHSA-ID, or All.
Tip
Use All, rather than selecting individual CVEs, unless you explicitly only want to mark specific CVEs as Effectively Mitigated.
Security Controls: Select one or more Security Controls this rule applies to (e.g., Prod-Datacenter-NGFW, Staging-NGFW).
Compensating Control Effectiveness: This is the "THEN" action. Set to Effective.
Save the rule. After it is in effect, any new finding that matches these criteria will automatically have its effectiveness set to Effective.