Risk Engine & Toxic Combination, Deeper Detection Mechanisms

For every harmful combination that the Risk Engine detects, Security Command Center Enterprise opens a case in the Security Operations panel

[{"selector":"#anim-76c7b8b6-d77b-4b29-882e-6c7716e1d26a [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(12.514648210040342%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-a7340829-5ac2-473b-a68d-48162afc503c","keyframes":{"opacity":[1,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-dc5f9d38-c7cf-4ba1-9f3d-8ebc324e2a07","keyframes":{"transform":["scale(3)","scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

Risk Engine computes attack exposure scores for findings and high-value resources, as well as possible attack paths to the high-value resources in your cloud environment, during the simulations

[{"selector":"#anim-6197ea23-4509-4382-be61-774b6b4702b1 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] [{"selector":"#anim-4e1b8d2c-f380-40cb-aa07-339fc68f02a0","keyframes":{"opacity":[1,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-034c3c6e-8c13-4c52-94e4-a84730444e6b","keyframes":{"transform":["scale(3)","scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

When you mute a toxic combination finding, Security Command Center dismisses the case and removes the finding from default views and queries, but the finding stays alive

[{"selector":"#anim-1aab7d0f-76be-4a4d-8141-5f1cbe3d1ea5 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(12.514648210040342%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-784ded0e-ed77-461a-9825-1946a43b12a6","keyframes":{"opacity":[1,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-fb0f4197-11a5-4297-971f-b424687eb0fd","keyframes":{"transform":["scale(3)","scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

Risk Engine will automatically recognize and close the case if the hazardous combination is remedied during the subsequent attack path simulation. Approximately every six hours, simulations run

[{"selector":"#anim-44f6d52c-f6c9-4250-9bab-2f16812eece2 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] [{"selector":"#anim-808efbd1-2648-46f2-8174-a8a8fc6ba216","keyframes":{"transform":["translate3d(115.55555%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-fb20c018-0d8d-4719-be11-7d8b32c45a1d","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-9268d2e6-cb9e-4fe1-9e0d-3520691eb3d9","keyframes":{"transform":["scale(0.15)","scale(1)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"forwards"}]

To match the seriousness of the toxic combination discovery and the related alert in the toxic combination case, toxic combination cases by default have a priority of Critical

[{"selector":"#anim-9a269f8c-5661-4ec6-9d39-2bd80f1821df [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-12.514648210040342%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-c5d5681d-152f-4fcf-99b1-e5671c4be32d","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

Several of the specific security flaws that Risk Engine identifies are also picked up by other Security Command Center detection services, forming a toxic mix

[{"selector":"#anim-c77f3c7d-9c53-4a8e-8c8c-809792901c3f [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] [{"selector":"#anim-4de379f6-ebb9-4c01-a70b-e10ff837e24b","keyframes":{"transform":["translate3d(115.55555%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-94a52ee1-2ffd-4e91-b151-5d2d84dd3232","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-406527b2-b837-4594-b1dd-adb19ee34ece","keyframes":{"transform":["scale(0.15)","scale(1)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"forwards"}]

For every harmful combination that the Risk Engine detects, Security Command Center Enterprise opens a case in the Security Operations pane

[{"selector":"#anim-987520ad-91c9-4f73-a7ba-f2a2dd16aedc [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(12.514648210040342%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-101e2094-e159-465f-a3a9-c13b31ca8738","keyframes":{"transform":["translate3d(-115.2381%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-379d6d65-ef5f-4cc7-8c83-69c5efbbe1aa","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}] [{"selector":"#anim-5c7865b0-065d-410f-a172-7134e02bec38","keyframes":{"transform":["scale(0.15)","scale(1)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"forwards"}]

For more details visit Govindhtech.com

[{"selector":"#anim-499fc6f6-1dfa-432a-9d60-c8e5e7489582 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-12.514648210040342%, 0, 0) translate(-25%, 0%) scale(1.5)","translate3d(0%, 0, 0) translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"fill":"forwards"}]