Automated Tasks are now Automated Checks, making gap assessments of your infosec infrastructure more streamlined. This update improves visibility, control, and issue resolution, giving you a clearer view of what’s being monitored.
For each automated check, you can:
Assign an owner and track the status, category, and compliance controls for each standard.
View detailed descriptions of what’s being checked.
Use remediation guides to resolve any failed checks.
Sources of automated checks
Our automated checks come from two main sources: External Checks and Secfix Checks, each with different behaviors and refresh mechanisms.
External Checks
These checks monitor external systems and integrations, such as cloud platforms, identity providers, and ticketing systems. They refresh automatically at set intervals to ensure your integrations comply with security best practices.
Example: A check that verifies if MFA (Multi-Factor Authentication) is enabled in your Google Workspace/Microsoft Office 365.
Secfix Checks
These checks assess internal system configurations, policies, and compliance requirements. Unlike External Checks, they don’t rely on external data sources and refresh automatically when changes are made within the app.
Example: A check that ensures all employees accepted assigned policies.
Active vs. Deactivated Checks
To make management easier, checks are now organized into two tabs:
Active Tab – Lists all running checks.
Deactivated Tab – Stores checks that have been turned off.
This separation provides better visibility into what’s actively being monitored.
Understanding Check Statuses
If a check passes
You’ll see a green status, meaning everything is fine.
New: Every check now shows when it was last refreshed (daily, hourly, or weekly). This helps during audits since you can prove that checks are being updated regularly.
New: You can also assign or edit owners to your checks by clicking on the pencil button.
Each check includes a description explaining what’s being monitored.
The logic and content of the check remains the same—we only notify you when a check fails.
If a check fails (needs attention)
Hover over yellow box with the results to see why the check is failing.
Click “Remediate” to go directly to the remediation guide with step-by-step instructions on how to fix it.
Example: If a check detects missing descriptions in your asset inventory, you’ll see all affected assets listed.
How to deactivate a check?
There are two tabs for Automated Checks: Active and Deactivated. If you decide a specific check is not applicable for your company, you can just deactivate it:
Find the check you want to deactivate and open it.
In the top right corner, click on the Deactivate button:
You will be prompted to provide a reason for deactivation. From there you can add a file attachment and/or a URL link to your documentation (optional).
All evidence added to a deactivated check will remain stored in the app. This will ensure you have all your compliance records centralized.
⚠️ If you decide to reactivate a deactivated check - all added attachments will be lost.
Refreshing automated checks
Most automated checks now run on a daily or hourly basis, ensuring you get more up-to-date compliance insights.
Some cloud-related checks will continue to run weekly for performance optimization.
New: We’ve added a last refreshed timestamp so you can always see when a check was last updated.
Coming Soon: We will add a manual refresh button so you can refresh checks in real-time after making changes.
Check out Syncing intervals for more in-depth information.
Need more info?
Check the Changelog for a full list of updates.
Review Remediation guide to troubleshoot failed checks.
These updates should make it easier to manage security and compliance checks.
Let us know on the chat inside the app if you need any help!