I'd like some help in better understanding the Preventative action type.
What is unique to a Preventative action that is different from Remediative or Mitigative? I recognize that there is some overlap; however, it would be great to have 1 example to demonstrate the uniqueness of Preventative that would qualify it as needing its own action type.
In order to try and get my head around this, I did a quick matrix of the current examples and mapped them to each action type. What I'm not seeing is a use case where Preventative would not have already been categorized as either mitigative or preventative.
Does anyone have a good and unique example for Preventative?
|               | Known Threat | Blocking Rules | Affect Policies | Blackhole | Sinkhole | Blacklist | Patch |
| Investigative | Maybe        | N              | N               | N         | N        | N         | N     |
| Mitigative    | Y            | Y              | Y               | Y         | Y        | Y         | Y     |
| Remediative   | Y            | Y              | Y               |           |          |           | Y     |
| Preventative  | Y            | Y              | Y               | Y         | Y        | Y         | Y     |
Thanks
-A
--
Andrew Storms | VP of Security Services | P 707-477-4335