Continuous Controls Monitoring and Management Overview
Published On
Jun 02, 2026 - 1:54 PM
Discover mission-critical features offered by the Continuous Controls Monitoring and Management dashboard.
The widgets on the Continuous Controls Monitoring and Management dashboard are categorized into distinct classes of information. Each class provides a specific perspective for monitoring, evaluating, and optimizing operations. These classifications enable users to efficiently identify trends, measure performance, and support data-driven decision-making.
The dashboard offers the following features:
Control Overview
Identify:
The organization maintains awareness of current cybersecurity risks, enabling informed decision-making and prioritization of security efforts.
Risk Assessment:
Cybersecurity risks to the organization’s operations, assets, and individuals are evaluated and understood, forming the basis for control implementation and monitoring.
Avg. Vulnerabilities Per Scan:
Shows the average number of vulnerabilities detected in each scan.
Oldest Unremediated Critical Vulnerability:
Identifies the oldest critical vulnerability that remains unresolved.
Active Vulnerabilities by Severity:
Displays the unresolved vulnerabilities by severity level.
Vulnerability Discovery Over Time:
Tracks how many vulnerabilities each scan detects over time.
Recent Scans & KEV Detection:
Summary of the past five scan dates along with the vulnerabilities detected, including KEVs.
Scanned Vulnerability Severity Trend:
Shows a month-wise trend of vulnerabilities by severity.
Scan Coverage Adherence:
Measures the percentage of assets scanned according to the defined schedule.
Engine Signature Freshness:
Number of days since the vulnerability scanning engine was last updated.
Protect:
Safeguards are implemented and actively managed to reduce cybersecurity risks and ensure the resilience of organizational systems and data.
Configuration Management:
Configuration management practices are defined, enforced, and monitored to maintain system integrity and reduce vulnerabilities.
Overall Compliance Posture (KPI):
The percentage of assets that have a valid HealthCheck scan out of the total number of assets that require a HealthCheck.
Compliance Depth View (KCI):
Represents the percentage of HealthCheck-required assets that meet or exceed a 75% policy compliance rate.
Non-Compliant Asset Count:
Represents the number of assets (among those requiring health checks) with the latest HealthCheck status that is either missing or expired.
Newly Detected Non-Compliance:
Represents the number of assets (among those requiring health checks) that have more than one finding in their latest HealthCheck scan.
Top 10 Policy Failures:
Lists the top 10 most frequent HealthCheck violations, grouped by check description.
Compliance Scan Coverage:
Shows the distribution of HealthCheck scans based on how they were performed: Automatic vs Manual.
Compliance by Platform Category:
Stacked bar chart of HealthCheck status by operating system family.
Unsupported Assets Overview:
Represents the total number of systems that are either End-of-Life (EOL) or End-of-Support (EOS).
Device Lifecycle Breakdown:
This chart visually compares the End-of-Life (EOL) and End-of-Support (EOS) percentages for hardware and software in production environments.
Change Management (Deployed):
Percentage of changes successfully deployed to the production environment.
Change Management (Emergency):
Percentage of emergency changes deployed to the production environment.
Open Changes - Age Range vs Priority:
Tracks the time elapsed since each change was created, categorized by its priority level.
Open Changes: Category vs Priority:
Displays the distribution of open changes by category and their corresponding priority levels.
SLA Breach - Critical Vulns:
Tracks critical open vulnerabilities that were not patched before their due dates.
Critical Vulns Patched Within SLA (KPI):
The percentage of critical vulnerabilities patched within the defined SLA timeframe.
Patch Backlog (Pending Systems):
Indicates the number of systems pending patches after a vulnerability scan.
Average Time to Patch (KPI):
Calculates the average time between the vulnerability scan date and the vulnerability patch date.
Vulnerabilities Patched by Severity:
Shows the number of vulnerabilities patched each month, categorized by severity level.
Patch Success Rate Over Time:
Displays the monthly distribution of patching outcomes (example: successful, failed, pending).
Pending Patch Volume by Platform (Drilldown):
Lists systems with pending patches, grouped by platform.
Vulnerabilities Patched by Time-to-Remediate Range:
Categorizes patched vulnerabilities based on the time taken to remediate them.
Patch Backlog by Severity:
Lists pending vulnerabilities, organized by severity level.
Remediation Progress Trend:
Tracks the monthly trend of vulnerabilities patched over time.
Known Exploited Vulnerabilities:
Total active vulnerabilities scanned in production devices.
Last Scan Date:
Displays the most recent date of a completed vulnerability scan.
Identity Management, Authentication, and Access Control:
Access to physical and logical assets is restricted to authorized users, services, and hardware. Access controls are managed based on the assessed risk of unauthorized access, ensuring secure authentication and authorization processes.
Shared UIDs in Vault:
Indicates the percentage of shared user IDs that are securely stored in a vault.
Shared credentials must be stored in a vault that enforces individual accountability and restricts access to confidential data.
Shared UIDs in Vault (Distribution):
Bar chart showing the distribution of shared user IDs based on their storage status: either stored in a vault or not stored in a vault.
UID Actions by Type & Outcome:
Displays the breakdown of pending local user IDs by action type (for example, Suspension, Removal) and their respective outcomes, visualized in a bar chart.
Pending Local UID Removals:
Displays the number of local user IDs that remain in the environment despite being scheduled for removal.
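The patching widgets described above (SLA Breach - Critical Vulns, Critical Vulns Patched Within SLA, Average Time to Patch) can be reproduced from raw scan records, which is useful when validating what the dashboard reports. The following is an added example, not code from the product: the record fields, the sample data, and the choice to exclude open, not-yet-due vulnerabilities from the SLA percentage are assumptions, as is treating a patch applied on the due date as within SLA.

```python
from datetime import date

# Constructed sample records; field names are hypothetical, not the product's schema.
VULNS = [
    {"id": "V1", "severity": "critical", "scan": date(2026, 4, 1),
     "due": date(2026, 4, 15), "patched": date(2026, 4, 10)},   # patched in time
    {"id": "V2", "severity": "critical", "scan": date(2026, 4, 1),
     "due": date(2026, 4, 15), "patched": date(2026, 4, 29)},   # patched late
    {"id": "V3", "severity": "critical", "scan": date(2026, 4, 20),
     "due": date(2026, 5, 4), "patched": None},                 # open, overdue
    {"id": "V4", "severity": "critical", "scan": date(2026, 5, 25),
     "due": date(2026, 6, 8), "patched": None},                 # open, not yet due
    {"id": "V5", "severity": "high", "scan": date(2026, 4, 1),
     "due": date(2026, 5, 1), "patched": date(2026, 4, 21)},
]

def sla_breaches(vulns, today):
    """IDs of critical vulnerabilities still open after their due date."""
    return [v["id"] for v in vulns
            if v["severity"] == "critical"
            and v["patched"] is None and v["due"] < today]

def pct_critical_within_sla(vulns, today):
    """Percent of critical vulns with a known outcome that were patched by the due date.

    Assumption: open vulns that are not yet due are left out of the denominator,
    because they have neither met nor missed the SLA yet.
    """
    decided = [v for v in vulns if v["severity"] == "critical"
               and (v["patched"] is not None or v["due"] < today)]
    if not decided:
        return None  # nothing to measure: report n/a instead of 0% or 100%
    met = sum(1 for v in decided
              if v["patched"] is not None and v["patched"] <= v["due"])
    return round(100 * met / len(decided), 1)

def avg_days_to_patch(vulns):
    """Mean days from scan date to patch date over patched vulns of any severity."""
    days = [(v["patched"] - v["scan"]).days
            for v in vulns if v["patched"] is not None]
    return round(sum(days) / len(days), 1) if days else None

if __name__ == "__main__":
    today = date(2026, 6, 2)  # constructed reporting date
    print(sla_breaches(VULNS, today),
          pct_critical_within_sla(VULNS, today),
          avg_days_to_patch(VULNS))
```

Note that V2 was patched late: it no longer appears in the breach list because it is closed, but it still lowers the within-SLA percentage, so the two widgets should be read together.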