Managing security gaps

Admin users with sufficient permissions can review and manage security gaps for their workspace using the Security Gaps page.

Important

Managed Service Provider (MSP) admin users with sufficient permissions can review and manage global security gaps across parent and descendant workspaces using the global Security gaps page.

Fixing security gaps

You can review and fix security gaps. Some gaps support automatic fixes, while others require manual action.

Important

Admin users can initiate and approve automatic fixes for security gaps that do not require additional input. Manual fixes are required for issues that need administrative action, elevated permissions, or external configuration steps.

Fixing security gaps automatically

Coro can automatically fix security gaps that do not require admin user input, such as misconfigured endpoint protection or device workspace settings.

Coro can automatically fix the following gaps:

Security category Security gap Automated action
Devices Visibility Mode Enabled Disables Visibility mode.
Allow Self-Update Not Enabled Applies the ALL DEVICES workspace label to Allow self-update to the latest stable version.
Email Security Email Protection Disabled Enables Scan emails for the following threat types.
Endpoint Security NGAV Real-Time Malware and Ransomware Protection Disabled Enables Real-Time Malware and Ransomware Protection.
NGAV ATC Disabled Enables Advanced Threat Control (ATC).
NGAV Security Shadow Backups Disabled Enables Secured Shadow Backups.
Wi-Fi Phishing Not Activated Enables Wi-Fi Phishing.
Important

Admin users can fix gaps in their workspace, while MSP admin users can fix global gaps for their parent and descendant workspaces.

To automatically fix a gap:

  1. Access Security gaps .
  2. Locate the gap in the active gap list.
    note

    Make sure you select Active from the State dropdown list to see all active gaps.

  3. Select FIX :

    Coro displays the Review and apply auto fix dialog:

    Security gap Review and apply auto fix

  4. Review the Fix details section of the Review and apply auto fix dialog.
  5. Select APPLY .

    Coro applies the fix and removes the gap from the active gap list.

Fixing global security gaps automatically

Important

This section only applies to MSP admin users.

To automatically fix a global gap:

  1. Access global Security gaps .
  2. Locate the global gap from the active gap list.
    note

    Make sure you select Active from the State dropdown list to see all active gaps.

  3. Select FIX ALL :

    Security gap fix all

    Coro displays the Review and apply auto fix dialog.

  4. From the Workspace list, select the required workspaces to which to apply the fix:

    Security workspace list

    note

    Use the search field to find workspaces.

  5. Select APPLY .

    Coro applies the fix for the affected workspace and removes that workspace from the Workspace list for that global gap.

    note

    Coro removes the global gap from the active gap list after you resolve it across all workspaces in the Workspace list.

Fixing security gaps manually

Coro requires manual fixes for security gaps it cannot resolve without user input. These issues require administrative action, elevated platform permissions, or external configuration steps.

You can manually fix the following gaps:

Security category Security gap
Cloud Security No Cloud Application Connected
Data Governance No Scheduled Scan Added
Devices Add Devices Labels to Workspaces
Endpoint Security No Endpoints Added for Monitoring
MSP Workspace Labels No Workspace Labels Added
Users No Protected Users Added

To manually fix a gap:

  1. Access Security gaps .
  2. Locate the gap in the active gap list.
    note

    Make sure you select Active from the State dropdown list to see all active gaps.

  3. Select FIX MANUALLY :

    Security gap fix manually

    Coro displays the Review steps to fix dialog, which includes the steps to perform to manually fix the gap. Review and note these steps before proceeding.

  4. Select go to setting :

    Security gap fix manually

    Coro opens the settings page corresponding to the security gap in the affected workspace.

  5. Update the misconfigured setting according to the previously noted Fix details section of the Review steps to fix dialog.

    Coro removes the gap from the active gap list.

Fixing global security gaps manually

Important

This section only applies to MSP admin users.

To manually fix a global gap:

  1. Access global Security gaps .
  2. Locate the global gap from the active gap list.
    note

    Make sure you select Active from the State dropdown list to see all active gaps.

  3. Select FIX MANUALLY :

    Global security gap fix manually

    Coro displays the Review steps to fix dialog, which includes the steps to perform to manually fix the global gap. Review and note these steps before proceeding.

  4. From the Affected workspaces list, select Go to setting for the corresponding workspace:

    Global security gap fix manually

    Coro opens the target workspace's settings page.

  5. Update the misconfigured setting according to the previously noted Fix details section of the Review steps to fix dialog.

    Coro removes the workspace from the Affected workspaces list for that global gap.

  6. Select Back to Security Gaps to go back to the Review steps to fix dialog:

    Global security gap fix manually back button

  7. Select CONFIRM to close the Review steps to fix dialog:

    Global security gap fix manually

note

Coro removes the global gap from the active gap list after you resolve it across all workspaces in the Affected workspaces list.

Ignoring and restoring security gaps

You can choose to ignore gaps that are not immediately actionable or are being addressed through other workflows. Coro removes ignored gaps from the active list, but they remain accessible for review. You can also restore ignored gaps to the active gap list.

To ignore an active gap:

  1. Locate the gap in the active gap list.
    note

    Make sure you select Active from the State dropdown list to see all active gaps.

  2. Select IGNORE :

    Security gap ignore

    Coro displays the Confirm security gap ignore dialog.

  3. Select CONFIRM to ignore the gap:

    Security gap confirm ignore

    Coro moves the gap to the ignored gap list.

    note

    For global gaps, Coro adds the gap to the ignored gap list in the parent workspace's global view, which automatically applies to all affected descendant workspaces.

To restore an ignored gap to the active gap list:

  1. Locate the gap in the ignored gap list.
    note

    Make sure you select Ignored from the State dropdown list to see all ignored gaps.

  2. Select MARK AS ACTIVE :

    Security gap mark active

    Coro restores the gap to the active gap list.

    note

    For global gaps, Coro restores the gap to the active gap list for all affected workspaces.