Mitigation action

The Mitigation Action column can be used to assign actions. To remove the action that was performed as a response to a threat that is now mitigated, choose Remove. This action removes the device from the group it was assigned to when the threat was detected.

Due to the nature of some threats, not all threat classifications can be mitigated. The following table provides possible mitigation actions for a threat.

Table 9.  Possible Mitigation Actions for a Threat
Threat Mitigation when the following events occur

All man-in-the-middle (MITM) threats

When the device connects to a different basic service set identifier (BSSID).


When the root flag on devices changes from true to false

EOP, system tampering, abnormal process activity

No mitigation, the only mitigation is to flash the device since it has been compromised

USB debugging

When USB debugging is enabled