Protect4S is capable of creating a mitigation plan from a scan. Simply press the button "Mitigation plan" on the scan results screen and a new tab will open in which a selection of checks can be made:
Selection of checks for Mitigation plan
By pressing the button Create, an Excel file will be generated that contains a list of vulnerabilities that must be mitigated.
This list is sorted ascending on Mitigation effort, so the "easy to mitigate" vulnerabilities will be grouped and shown first in the list.
In the picture above, the first part of a mitigation plan is shown. Starting with the items that have a very low mitigation effort, the different actions are grouped.
For instance, all dynamic SAP parameter changes are grouped together (as are all static SAP parameter changes) and all simple OSS Notes are also grouped together. This is very useful because:
several vulnerabilities are mitigated in one go
down time is kept to a minimum