Prioritization Dashboard: Overview

High-level overview of the Prioritization Dashboard.

Prioritization Dashboard - Top

Prioritization Dashboard - Bottom

The Prioritization Dashboard allows your organization to quickly observe remediation progress and easily determine where efforts should be directed. Findings are categorized according to workflow stages of Open and Closed and then broken down further by threat associations, focusing down from broad to specific. The threat-based charts and tables allow users to prioritize the remediation of high-risk host findings, according to host externality, finding severity, time of finding discovery, and more.

This view is available in the Dashboards menu. It is filterable by Network, Group, and Tag, in order to further assist narrowing down exactly what your organization needs to prioritize at any given time. Prominently featured on this dashboard are the funnel diagrams, appearing for the first time in the RiskSense platform view. These funnels show a simplified breakdown of host finding counts under a series of increasingly specific filters, beginning with a total count and narrowing down to those associated to Remote Code Executions (RCE) and Privilege Escalations (PE), two of the highest-risk threat categories. The bottom of the funnel shows a count of those findings associated with threats and of vulnerabilities that are Trending, or currently being seen and discussed in the wild within the past seven days.

Parallel charts and tiles, as well as a dual-sided bar chart, depict the ratio of open findings to closed findings. In this way, organizations can clearly track not only what work remains to be done, but also what has been accomplished thus far and how much remediation progress has been made, leading to easier tracking of performance metrics and compliance.

Widgets

Weaponized Host Findings: This chart shows the count of open host findings and count of closed host findings related to threats (weaponized host findings).

Prioritization Dashboard - Weaponized Host Findings Widget

Recent Weaponized Host Findings (<30d): This chart shows the number of host findings related to threats discovered or resolved within the last 30 days. Recently discovered findings are currently open. Recently resolved findings are currently closed.

Prioritization Dashboard - Recent Weaponized Host Findings 30 Days Widget

Open Host Findings with RCE/PE Exploits: This chart shows counts of unassigned and assigned open findings related to RCE or PE exploits.

Prioritization Dashboard - Open Host Findings with RCE PE Exploits Widget

Open Host Findings Funnel: This chart assists with prioritization of high-risk host findings. It shows counts of open host findings related to threats in order of increasing risk. Categories of findings represented include the following:

  • All: The number of open findings under selected filters.
  • Weaponized: The number of open findings related to any kind of threat, including, but not limited to, exploits, malware, default credentials, and manual exploits.
  • RCE/PE: The number of open findings related to RCE or PE exploits.
  • Trending: The number of open findings associated with vulnerabilities and threats in active discussion and use in the wild across the last seven days.
  • ME: The number of open findings associated with a RiskSense-Verified Manual Exploit (ME), identified as a catastrophic vulnerability by our penetration testers (only visible to those clients that utilize RiskSense’s penetration testing service).

Prioritization Dashboard - Open Host Findings Funnel WidgetClosed Host Findings Funnel: This chart shows counts of closed host findings related to threats in order of increasing risk. Categories of findings represented include the following:

  • All: The number of closed findings under selected filters.
  • Weaponized: The number of closed findings related to any kind of threat, including, but not limited to, exploits, malware, default credentials, and manual exploits.
  • RCE/PE: The number of closed findings related to RCE or privilege escalation (PE) exploits.
  • Trending: The number of closed findings associated with vulnerabilities and threats in active discussion and use in the wild across the last seven days.
  • ME: The number of closed findings associated with a RiskSense-Verified ME, identified as a catastrophic vulnerability by our penetration testers (only visible to those clients that utilize RiskSense’s penetration testing service).

Prioritization Dashboard - Closed Host Findings Funnel Widget

Host Findings by IP Type: This chart gives an IP-based distribution for open host findings, closed host findings, and accepted host findings. It also shows counts for weaponized open, closed, and accepted findings. Weaponized findings have an association with one or more threats. Your organization can use the chart to compare remediation progress on Internet-facing hosts vs. hosts on internal networks.

Prioritization Dashboard - Host Findings by IP Type Widget

Host Findings by VRR: This table shows a distribution of host findings based on remediation status, Vulnerability Risk Rating (VRR), and weaponization (presence of threats). For each category, the chart shows a breakdown by VRR Group (Critical, High, Medium, Low, and Info). The categories include open, closed, and accepted findings as well as weaponized open, closed, and accepted findings. Your organization can use the chart to prioritize findings based on VRR, weaponization, or both.

Prioritization Dashboard - Host Findings by VRR WidgetHost Findings Discovered vs. Resolved: By default, this chart shows the number of findings discovered vs. the number of findings resolved over the last 12 months (including the current month). The chart also has “Daily”, “Weekly”, and “Quarterly” modes that show counts for the last 12 days, 12 weeks, or 12 quarters.

Prioritization Dashboard - Host Findings Discovered vs Resolved WidgetHost Findings over Time: This chart allows you to explore how the distribution of open findings and open weaponized findings on your network changes over time. For each time range, the chart shows open and open weaponized Critical, High, Medium, and Low findings. VRR determines the numerical ranges for Critical, High, Medium, and Low.

By default, the chart shows finding counts over the past 12 months. You can also change the time scale for the chart to see counts for the past 12 days or the past 12 weeks. In Weekly mode, the chart shows the number of open findings on your network at the end of the week (Saturday). In Monthly mode, the chart shows the number of open findings on your network at the end of the month. 

This chart only supports Network and Group filters.

Prioritization Dashboard - Host Findings Over Time WidgetRecent Host Findings by Status: This chart has two modes. The Open mode shows open host findings distributed by date of discovery. In Closed mode, the chart shows closed findings distributed by time since resolution. In either mode, the chart shows the total count of weaponized host findings in each age range and a breakdown of findings by VRR. VRR defines the numerical ranges for Critical, High, Medium, Low, and Info.

Prioritization Dashboard - Recent Host Findings by Status Widget