Filtering Examples

Several examples of using filters in RiskSense.

RiskSense list views and dashboards offer filtering options, allowing users to narrow their analysis and focus on the most urgent, useful, or interesting results. The following examples are intended to demonstrate some of the ways in which filters can be used to quickly identify exposures and risk.

Example 1

Identify non-Windows hosts that belong to the 10.20.30.0/24 range, have been assigned host name suffix of “.SAN”, and are easily exploitable (i.e., the host has at least one open weaponized finding or an open finding related to default credentials).

Within the Manage > Hosts list view, apply the following four filters:

Filter Category

is / is not

Operator

Value

Operating System

Is not

Like

Windows

IP Address

is

CIDR

10.20.30.0/24

Host Name

is

Wildcard

*.san

Easily Exploitable

is

Exactly

True

Filter Examples - Example 1 Filter

Example 2

Seek out open, high-risk web application vulnerabilities that can lead to execution of malicious code and can be leveraged without the use of valid authentication credentials.

Within the Manage > Application Findings list view, apply the following four filters:

Filter Category

is / is not

Operator

Value

Status

is

Exactly

Open

VRR (Vulnerability Risk Rating

is

Between

7 and 10

Has Malicious Code Execution

is

Exactly

True

Authentication Required

is

Exactly

False

 

 

 

Filter Examples - Example 2 Filter

Example 3

Filter for open high-risk host findings that can lead to Privilege Escalation or Remote Code Execution susceptibility on high business-critical assets that belong to the Accounting or Finance groups.

Within the Manage > Host Findings list view, apply the following four filters:

Filter Category

is / is not

Operator

Value

Status

Is

Exactly

Open

VRR (Vulnerability Risk Rating)

is

Greater Than

7.5

Has Privilege Escalation or Remote Code Execution Exploits

is

Exactly

True

Asset Criticality

is

One of

4,5

Group

Is

One of

Accounting,Finance

Filter Examples - Example 3 Filter