Add a compensating control to the library

  • Release version: Xanadu
  • Updated July 31, 2025
  • 1 minute to read

    • As a Vulnerability Manager or Analyst, add a list of compensatory controls to the Compensating Controls library in the Security Exposure Management Workspace, which can be applied for the risk reduction of host vulnerable items and remediation tasks.

    Before you begin

    Role required: sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin

    About this task

    Some commonly used compensating controls are shipped with the base system. You can view these compensating controls by navigating to Workspaces > Security Exposure Management Workspace > Lists > Libraries > Compensating controls. You can activate or deactivate these compensating controls as per your requirement.

    Note:
    The compensating controls feature is available for host vulnerabilities only.

    Procedure

    1. Navigate to Workspaces > Security Exposure Management Workspace.
    2. On the List page under Libraries, select Compensating Controls.
    3. Click New.
    4. On the Create Compensating Controls form, fill in the fields.
      Table 1. Create Compensating Controls form fields
      Field Description
      Name Name of the compensating control, which appears as an option in the Compensating controls drop-down of the Request exception modal.
      Description Brief information that provides details about the Compensating Control.
      Active Status of the compensating control. Only active controls appear in the Compensating controls drop-down of the Request exception modal.
    5. Select Save.
    6. On the Compensating Controls list under Libraries, select the desired compensating control and select Edit, activate or deactivate a compensating control and click Save to modify the compensating controls.
      All the active compensating controls appear as an option in the Compensating controls drop-down of the Request exception modal for risk reduction requests.

    What to do next

    Starting from v21.0 of Vulnerability Response, you can associate compensating controls with CVEs or TPEs after adding a compensating controls to the library. For more information on how to associate compensating controls, see Associate compensating controls with CVEs or TPEs for risk change requests.