Update vulnerability mitigation on a generic control
What is a vulnerability?
A vulnerability is a weakness in your organization or it systems that can be exploited incidentally or deliberately by a threat.
Below is a list of examples of what a vulnerability can be:
- Missing data encryption
- Missing authentication for critical function
- Unrestricted upload of dangerous file types
What does it mean to mitigate a vulnerability?
When a control mitigate a vulnerability it means that by performing the control, the impact of the risk or the probability that the vulnerability is exploited, will be diminished.
Click on “add vulnerability” to open a pop-up window from where you can search for an appropriate vulnerability that the generic control has some mitigating effect on.