Most of the times, security configurations of network systems are not managed, improperly configured or left as default. There might be chances for default credentials, inactive/disabled firewall and antivirus, elevated privileges, and open shares that might arise security concerns.
In order to reduce the attack surface, Vulnerability Manager Plus continuously monitors all the systems in your network for security misconfigurations and offers a way to resolve the same without impacting critical operations.
Note: Sometimes, security settings might be inappropriately configured in Domain GPO and can't be overridden from the console. To manually resolve these misconfigurations, refer these articles.
You can also track the status of security configuration deployments from Deployment> Security Configurations.