Executive Dashboard: Overview

High-level overview of the Executive Dashboard.

Overview

The Executive Dashboard provides an overview of your organization’s risk posture. At a high level, the Overall RiskSense Security Score (RS³) dial provides a single numeric summary indicator of your organization’s cybersecurity hygiene; a higher score corresponds to a better security posture. At a more granular level, the Open Host Findings by VRR chart provides a precise breakdown of all host findings according to how much risk they pose. Host Findings over Time shows the same breakdown over 12 days, weeks, or months.

The Weaponization Funnel provides a deeper understanding of the findings across your network. Within each successive stage of this horizontal funnel diagram, we apply successively narrower filters or finding categories, making it easier to identify the most prominent threats to your organization within the context of your entire set of host findings. The Hosts widget gives additional information on the hosts associated with threats.

Understanding why your score has increased or decreased from any point in time has never been easier with the interactive RiskSense Security Score (RS³) Timeline chart. Select the start date and end date to observe exact differences in finding, host, and threat counts and the changes in RS³ between those two dates. In addition, the Top 50 High Impact Findings by VRR chart assists in understanding score changes over time by showing the addition of CVE vulnerabilities by date, according to how many hosts they affect.

This predesigned dashboard allows users to filter by network, group, and tag. Any user, from technicians to the C-suite, can focus the dashboard on their areas of interest. Key elements of the dashboard, such as the RS³ dial and trend line or the Exploitable Hosts by Business Impact table, depend heavily on the currently active filters. Note that for this reason, different users may see a different overall RS³, depending on their roles and group permissions.

Executive Dashboard - Top-1

Executive Dashboard - Bottom-1

Widgets

Hosts: This chart contrasts the total host count with the number of hosts that have older weaponized findings. The second number includes hosts with at least one open weaponized finding discovered 90 or more days ago. A weaponized finding is associated with at least one threat. Note that if dashboard filters include tags, this chart will only show data for tags applied to assets.

Executive Dashboard - Hosts Widget-1

Open Host Findings by VRR: This chart shows the number of open host findings classified as Critical, High, Medium, Low, or Info based on Vulnerability Risk Rating (VRR).

Executive Dashboard - Open Host Findings by VRR Widget-1

Overall RiskSense Security Score (RS³): RS³ represents your organization’s cybersecurity posture, measuring risk posed by existing vulnerabilities and current potential threats. RiskSense uses several factors like its custom VRR, asset business criticality, threat intelligence, and probability of breach to calculate this score. The score shown here respects the current filtered selection of hosts. Note that if dashboard filters include tags, this chart will only show data for tags applied to assets.

Executive Dashboard - Overall RiskSense Security Score

RiskSense Security Score (RS³) Timeline: This chart displays your organization’s RS³ (or the aggregated RS³ of the actively filtered selection of hosts) over the last 12 months. The purple line represents RS³, while the green line shows RS³ omitting all instances of Risk Acceptance. This chart allows you to compare factors contributing to your RS³ on any two dates directly, including counts of threats, vulnerabilities, and hosts.

Select the date range that the chart should show by changing the start and end date. The Deltas section on the right displays differences between contributing factors recorded on the start date and end date.

Note that if dashboard filters include tags, this chart will only show data for tags applied to assets.

Executive Dashboard - RiskSense Security Score Timeline Widget-1

Weaponization Funnel: This chart organizes open host findings according to how much risk is posed by associated threats. Risk increases from left to right, as successive sets of threat filters are considered. Each section of the funnel shows the number of open findings that match the threat filters and the number of assets impacted. From left to right, the funnel shows metrics based on: 

  • All open findings (“Total Findings”)
  • Open findings related to threats (“Weaponized”)
  • Open findings related to Remote Code Execution or Privilege Escalation exploits (“RCE/PE”)
  • Open findings associated with vulnerabilities and threats in active discussion and use in the wild (“Trending”)

If any open findings have manual exploits, the section “ME” also becomes visible.

This widget has two modes: VRR Prioritized and Summary. VRR Prioritized shows open findings and assets distributed by Vulnerability Risk Rating (VRR). VRR determines the five risk levels for findings: Critical, High, Medium, Low, and Info. Summary shows the number of open findings, assets, patches, and unique threats associated with specific threat filters. You can choose to see the number of unique findings (plugins) or unique CVEs instead of the total number of open findings.

Executive Dashboard - Weaponization Funnel Widget-1

The screenshots below show a closer view of the weaponization funnel, with the first screenshot showing the left side of the funnel and the second showing the right side.

Executive Dashboard - Weaponization Funnel Widget - Left

Executive Dashboard - Weaponization Funnel Widget - Right

The screenshot below shows an example of Summary mode.

Executive Dashboard - Weaponization Summary

The screenshots below show a closer view of the weaponization funnel in Summary mode, with the first screenshot showing the left side of the funnel and the second showing the right side.

Executive Dashboard - Weaponization Summary - Left

Executive Dashboard - Weaponization Summary - Right

Exploitable Hosts by Business Impact: This table displays the number of hosts containing at least one open host finding associated with threats, according to each host’s defined asset criticality and its RS³. Note that if dashboard filters include tags, this chart will only show data for tags applied to assets.

Executive Dashboard - Exploitable Hosts by Business Impact Widget-1

Top 50 High-Impact Unique Findings: This widget displays the top 50 unique host findings based on two different sorts. “VRR” orders unique findings by highest Vulnerability Risk Rating (VRR) and then by the number of occurrences across the filtered selection of hosts (displayed in the widget as “finding footprint”). “Footprint” orders unique findings by finding footprint and then by VRR.

You can view the unique findings as a scatter plot or a table. The scatter plot positions a circle for each unique finding across two axes: the finding footprint size and the earliest publication date among CVEs associated with the finding. VRR determines the color of each circle. As a table, the widget displays the finding title, plugin ID, VRR, finding footprint, and earliest CVE publication date for each unique finding.
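The two sort orders and the table columns described above can be reproduced from a flat list of open host findings. The following is an added example, not RiskSense code or its export format: the record field names, plugin IDs, titles, hosts, and dates are constructed for illustration, and "finding footprint" is computed as the number of host-finding occurrences per plugin ID.

```python
from datetime import date

# VRR levels named on the page, ranked so that higher means more risk.
VRR_RANK = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1, "Info": 0}

# Constructed sample: (plugin_id, title, VRR, CVE publication dates, hosts).
_SAMPLE = [
    (1001, "Sample finding A", "Critical",
     [date(2021, 3, 2), date(2019, 7, 9)], ["web-01", "web-02"]),
    (1002, "Sample finding B", "High",
     [date(2020, 1, 14)], ["web-01", "db-01", "db-02", "app-01"]),
    (1003, "Sample finding C", "Critical", [date(2022, 5, 10)], ["db-01"]),
    (1004, "Sample finding D", "Medium", [],
     ["web-01", "web-02", "db-01", "db-02", "app-01"]),
]
# One row per open host finding (hypothetical field names).
HOST_FINDINGS = [
    {"host": h, "plugin_id": p, "title": t, "vrr": v, "cve_published": d}
    for p, t, v, d, hosts in _SAMPLE for h in hosts
]

def unique_findings(rows):
    """Collapse host findings into one record per plugin ID."""
    agg = {}
    for r in rows:
        u = agg.setdefault(r["plugin_id"], {
            "plugin_id": r["plugin_id"], "title": r["title"],
            "vrr": r["vrr"], "footprint": 0, "earliest_cve": None})
        u["footprint"] += 1  # one occurrence per affected host
        if r["cve_published"]:  # findings without CVEs keep None
            first = min(r["cve_published"])
            if u["earliest_cve"] is None or first < u["earliest_cve"]:
                u["earliest_cve"] = first
    return list(agg.values())

def top_findings(rows, sort="VRR", limit=50):
    """Return the top unique findings using the 'VRR' or 'Footprint' sort."""
    if sort == "VRR":        # highest VRR first, then larger footprint
        key = lambda u: (VRR_RANK[u["vrr"]], u["footprint"])
    elif sort == "Footprint":  # larger footprint first, then highest VRR
        key = lambda u: (u["footprint"], VRR_RANK[u["vrr"]])
    else:
        raise ValueError(f"unknown sort: {sort!r}")
    return sorted(unique_findings(rows), key=key, reverse=True)[:limit]

if __name__ == "__main__":
    for u in top_findings(HOST_FINDINGS, sort="Footprint"):
        print(u["title"], u["plugin_id"], u["vrr"], u["footprint"], u["earliest_cve"])
```

With this sample, the "VRR" sort puts a Critical finding on two hosts ahead of a Medium finding on five hosts, while the "Footprint" sort reverses that order.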

Executive Dashboard - Top 50 High-Impact Unique Findings Widget

The screenshot below shows how the widget appears as a table.

Executive Dashboard - Finding Footprint Table