From 29f25768b2a6f81db5a78a156208bc15d3d60832 Mon Sep 17 00:00:00 2001 From: Letha Date: Mon, 2 Dec 2024 18:08:22 -0800 Subject: [PATCH] Add drift to glossary (#487) * Add drift to glossary * I didn't like what I wrote * missing period --- docs/glossary.mdx | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/glossary.mdx b/docs/glossary.mdx index 5079d19c0..61648b5a0 100644 --- a/docs/glossary.mdx +++ b/docs/glossary.mdx @@ -65,6 +65,10 @@ A [control](/platform/compliance/monitor/frameworks/#controls-and-checks) is a g A [CVE](/platform/security/posture/vulnerabilities/) (common vulnerability and exposure) is a weakness in a computer system that an attacker can exploit to gain access or extract information. +### drift + +See [security drift](#security-drift). + ### integration An [integration](/platform/infra/overview/) is Mondoo's connection and communication with an external system. Most integrations are with [assets](#asset). They allow Mondoo to gather inventory details, assess the security of an asset, and measure compliance. @@ -115,6 +119,10 @@ Mondoo assigns a [risk score](/platform/security/posture/findings/#risk-score) o Mondoo gives each asset and space a security [score] that represents their ability to withstand attack. Scores are based on the security [policies](#policy) you choose. To learn how Mondoo calculates scores, read [How Mondoo scores policies](/platform/security/posture/monitor/#how-mondoo-scores-policies). +### security drift + +Security drift (also known as "security posture drift" or just "drift") occurs when your infrastructure becomes more vulnerable to attack. Security practices and controls can deteriorate over time as your system configurations deviate from your established baselines. It's important to catch drift before it becomes a big problem. You can configure Mondoo to [automatically create a ticket](/platform/cases/manage/#automatically-create-cases-on-drift) in your tracking system (such as Jira or ServiceNow) when it detects drift. + ### security posture Your [security posture](/platform/security/posture/overview/) is your organization's ability to identify, respond to, and recover from security threats and risks.