Security Policy Templates use existing Forescout functionality to detect, evaluate and respond to vulnerabilities and threats – speeding and simplifying your network response. When this module is installed, templates are available in the Policy view of the Console under the Vulnerability and Response sub-folder in the Templates tree.
The database is cumulative: this release includes all previous vulnerabilities and updates.
As formerly isolated industrial/infrastructure OT networks converge with IT networks, they become vulnerable to new attack vectors. The recent attack on Colonial Pipeline from a cyber-criminal group named Darkside is an example of this.
The VR DarkSide Ransomware policy template finds endpoints that have communicated with currently known Darkside sites and servers. Update policy conditions as new information emerges about DarkSide sites and servers as described in Update Suspect DNS Names and IP Addresses section (See RN).
The policy evaluates both managed and unmanaged endpoints. No credentials are required for endpoint login.
This module is supported by the following releases:
- CounterACT 8.0.1 or above
- Forescout 8.1
- Forescout 8.2
Forescout Flexx Licensing Customers:
Download the module and related documentation from the Customer Support Portal.
Access documentation at Documentation Portal: