Widgets
5 min
the widgets on the dashboard are categorized into distinct classes of information each class provides a specific perspective for monitoring, evaluating and optimizing operations these classifications enable users to efficiently identify trends, measure performance and support data driven decision making the dashboard offers the following features control overview identify capability / widget description identify maintains awareness of current cybersecurity risks, enabling informed decision making and prioritization of security efforts risk assessment evaluates cybersecurity risks to organizational operations, assets, and individuals, providing the foundation for control implementation and monitoring average vulnerabilities per scan displays the average number of vulnerabilities detected during each scan oldest unremediated critical vulnerability identifies the oldest critical vulnerability that remains unresolved active vulnerabilities by severity displays unresolved vulnerabilities grouped by severity level vulnerability discovery over time tracks the number of vulnerabilities detected during each scan over time recent scans & kev detection summarizes the five most recent scan dates and the vulnerabilities identified, including known exploited vulnerabilities (kevs) scanned vulnerability severity trend shows monthly trends of vulnerabilities categorized by severity scan coverage adherence measures the percentage of assets scanned according to the defined scanning schedule engine signature freshness indicates the number of days since the vulnerability scanning engine was last updated protect configuration management capability / widget description protect focuses on implementing and actively managing safeguards to reduce cybersecurity risks and improve organizational resilience configuration management ensures configuration management practices are defined, enforced, and monitored to maintain system integrity and reduce vulnerabilities overall compliance posture (kpi) percentage of assets requiring a healthcheck that have a valid healthcheck scan compliance depth view (kci) percentage of healthcheck required assets achieving at least 75% policy compliance non compliant asset count number of healthcheck required assets whose latest healthcheck status is missing or expired newly detected non compliance number of healthcheck required assets with more than one finding in their latest healthcheck scan top 10 policy failures lists the ten most common healthcheck violations grouped by check description compliance scan coverage shows the distribution of healthcheck scans performed automatically versus manually compliance by platform category compares operating system families against healthcheck status unsupported assets overview displays the total number of systems that are end of life (eol) or end of support (eos) device lifecycle breakdown compares eol and eos percentages for hardware and software assets in production environments protect change & vulnerability management capability / widget description change management (deployed) percentage of changes successfully deployed to production change management (emergency) percentage of emergency changes deployed to production open changes – age range vs priority tracks open changes by age and priority level open changes – category vs priority shows the distribution of open changes by category and priority sla breach – critical vulnerabilities tracks critical vulnerabilities that were not remediated before their sla due dates critical vulnerabilities patched within sla (kpi) percentage of critical vulnerabilities remediated within the defined sla timeframe patch backlog (pending systems) number of systems awaiting patch deployment following a vulnerability scan average time to patch (kpi) average time between vulnerability identification and remediation vulnerabilities patched by severity monthly count of patched vulnerabilities grouped by severity patch success rate over time monthly trend of patching outcomes, such as successful, failed, or pending pending patch volume by platform lists systems with pending patches grouped by platform vulnerabilities patched by time to remediate range categorizes patched vulnerabilities by remediation time patch backlog by severity displays outstanding vulnerabilities grouped by severity level remediation progress trend tracks monthly trends in vulnerability remediation activity known exploited vulnerabilities total active vulnerabilities detected on production devices last scan date most recent completed vulnerability scan date protect identity management, authentication and access control capability / widget description identity management, authentication, and access control ensures access to physical and logical assets is restricted to authorized users, services, and devices through risk based authentication and authorization controls shared credentials in vault verifies that shared credentials are stored in a managed vault to support accountability and protect sensitive information shared uids in vault (distribution) shows the distribution of shared user ids based on whether they are stored in a vault uid actions by type & outcome displays pending local user ids by action type and outcome, such as suspensions or removals pending local uid removals number of local user ids that remain active despite being scheduled for removal access revalidation (kpi) – non privileged uid revalidation percentage of systems that have completed non privileged user id revalidation access revalidation (kpi) – privileged uid revalidation percentage of systems that have completed privileged user id revalidation access revalidation (kpi) – role entitlement revalidation percentage of systems that have completed role entitlement reviews access revalidation (kpi) – role membership revalidation percentage of systems that have completed role membership reviews asset access revalidation (kpi) measures completion of required access revalidation activities across managed assets employee access termination (kpi) measures the percentage of user ids removed within the required timeframe after employee termination