High-level overview of the Hosts page in RiskSense.
The Hosts page is the primary source for organizing and remediating findings within the RiskSense platform. Navigate to the Manage > Hosts page to see the assets on the network. You can only view hosts you are assigned to via group permissions.
- Filters: Filters allow the user to apply multiple selections to customize the view and see specific findings as needed.
- Active Filters: Select your filter category, adjust any additional filter boxes that pop up related to that category, and click the Add The new filter is added to the filter list below and adjust your hosts accordingly.
- Saved Filters: After creating a filter in Active Filters, the user can save the filter in Saved Filters for quick access for future use.
- System Filters: Filters frequently used within RiskSense to organize hosts with threats, as well as quick filters for top exploits.
- Site Navigation Breadcrumbs and Filters: The site navigation breadcrumbs show where, in the platform, the current page is located. The Active Filters show what filters are currently applied as hosts are displayed on the screen.
- Page Refresh: Click this button to refresh the page.
- Export: Becomes available when hosts are selected. Options for exporting findings include XML, XLSX, and CSV. Name the file (optional) and insert comments (optional). Details on the hosts and corresponding exploits/severity are exported.
- Tags: Drop-down allows user to apply existing tags to selected hosts or create new tags. This is helpful for sorting hosts as well as tracking remediation projects (under project tags).
- More: Contains multiple options for the assignment, remediation, and review of vulnerabilities. The user can also make notes on findings.
- Checkboxes: User can Select All or Deselect All findings.
- RS³: The individual RS³ score for this host. This is based on several factors, including being an internal/external host and severity of vulnerabilities on the host.
XRS³: External RS³ (From RiskSense SRS)
- Host Name: Name of the host. This may be an IP address if no host name is available.
- Criticality: Host criticality as assigned by users. The scale is 1-5, with 5 being the most critical. This can be assigned manually to the host via More > Set Asset Criticality.
- IP Address: The host’s IP address.
- Network: The network the host is assigned to.
- Group: The group the host is assigned to
- Total: The total vulnerability count within this host.
- Critical: Denotes Findings designated as “Critical” 9-10 Severity) within this host
- High: Denotes the Findings designated as “high” (7-8.9 Severity) within this host
- Medium: Denotes the Findings designated as “medium” (3.0-6.9 Severity) within this host
- Low: Denotes the Findings designated as “low” (0.1-2.9 Severity) within this host
- Info: Denotes the Findings designated as “information” (0 Severity) within this host
- Operating System: Operating system the scanner detected on this host
- Tag: Column that displays tags assigned to this Host
- Notes: Displays the notes written on the Host (by account users). Add notes by selecting a finding and clicking More > Add Note. Clicking the number opens the Host Finding Detail panel for details on the note.
- Host Sorting Drop-down: Various ways that hosts can be sorted.
- Page Selection: Shows range of findings on the current page as well as a box to manually insert a page number to skip to
Note: Look for the () Icon in the upper-right hand corner. This icon allows you to add additional columns into the view that may not be there by default. Last Found on Date and Discovered on Date may be helpful columns to add depending on your remediation strategies and processes.