
Dashboard Widgets Explained

What is the purpose and function of the various NopSec dashboard widgets?

Overall Risk Grade

NopSec determines an organization’s overall risk from the aggregate score of all assets within the organization. NopSec can raise or lower the risk of a particular asset depending on the environmental controls it is aware of on that asset, such as Mitigating Controls reported through an XDR integration or a Criticality value detected on the asset. The number of vuln instances on a given asset also impacts its score. You can improve this score by consistently maintaining a low number of vuln instances across the largest number of assets in your organization.

 

NopSec Threat Based Prioritization

NopSec runs all CVEs through its proprietary machine learning model to determine the likelihood that a vulnerability will be used in a real cyber attack (threat). If NopSec determines through its threat feeds and analysis that a vulnerability is actively being used in cyber attacks, the vulnerability is also labeled as a threat. In this process NopSec may determine that the scanner’s original category or risk score is wrong and will re-prioritize those vulnerabilities by either increasing or lowering their risk score. This is one of the main benefits of using NopSec: we help your team focus on the most important risk in your network and, in doing so, reduce the amount of work your teams need to do to identify that risk.

 

Open Vuln Instances Out of SLA by Severity

This widget visualizes all vuln instances that have a status of Open, are not in a Remediation or Exception Plan, and have not been remediated before their SLA Due Date. Each vuln instance receives an SLA Due Date based on the settings set by your administrators; if the vuln instance is Open and Today >= SLA Due Date, it is Out of SLA. The widget then visualizes this data by severity: Critical (Instance Score of 76-100 and highly likely to become a Threat), High (51-75), Medium (26-50), Low (01-25).
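To cross-check this widget against exported data, the Out of SLA rule above can be reproduced in a few lines. This is an added example, not NopSec code: the record fields (`status`, `score`, `sla_due`, `plan`) and the sample data are assumptions, and severity is banded on instance score alone, without the threat-likelihood part of the Critical definition.

```python
from collections import Counter
from datetime import date

# Severity bands as listed for this widget (instance score ranges).
BANDS = [(76, 100, "Critical"), (51, 75, "High"), (26, 50, "Medium"), (1, 25, "Low")]

def severity(score):
    """Map an instance score (1-100) to its severity band."""
    for low, high, name in BANDS:
        if low <= score <= high:
            return name
    raise ValueError(f"instance score out of range: {score}")

def out_of_sla_by_severity(instances, today):
    """Count Open, not-in-plan instances whose SLA Due Date has been reached."""
    counts = Counter()
    for inst in instances:
        if inst["status"] != "Open":
            continue  # closed instances are never Out of SLA
        if inst["plan"] is not None:
            continue  # in a Remediation or Exception Plan: excluded
        if today >= inst["sla_due"]:  # the due date itself already counts
            counts[severity(inst["score"])] += 1
    return dict(counts)

# Constructed sample records (hypothetical field names, not an export format).
SAMPLE = [
    {"status": "Open", "score": 91, "sla_due": date(2024, 5, 1), "plan": None},
    {"status": "Open", "score": 80, "sla_due": date(2024, 5, 10), "plan": None},
    {"status": "Open", "score": 60, "sla_due": date(2024, 4, 1), "plan": "Remediation"},
    {"status": "Open", "score": 40, "sla_due": date(2024, 6, 1), "plan": None},
    {"status": "Closed", "score": 95, "sla_due": date(2024, 3, 1), "plan": None},
    {"status": "Open", "score": 12, "sla_due": date(2024, 1, 15), "plan": None},
]

if __name__ == "__main__":
    print(out_of_sla_by_severity(SAMPLE, date(2024, 5, 10)))
```

The second record is due on the evaluation date and is counted, because the rule is Today >= SLA Due Date rather than a strict comparison.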

 

Targets by Type

Every location your scanners provide a finding for is considered a Target. If you have two scanners scanning the same location you will have two targets in the platform. This widget shows you the total number of Targets within the platform and displays them by type.

 

Open Vuln Instances Not in Plan by Severity

This widget visualizes all vuln instances that have a status of Open and are not in a Remediation or Exception Plan. It then visualizes this data by severity: Critical (Instance Score of 76-100 and highly likely to become a Threat), High (51-75), Medium (26-50), Low (01-25).

 

Instances In and Out of Plan

This widget visualizes all vuln instances that have a status of Open, categorized as In Plan or Out of Plan. In Plan means the vuln instance is in a Remediation Plan, an Exception Plan, or both. Out of Plan means the vuln instance is in neither a Remediation Plan nor an Exception Plan and should be looked at by Analysts to determine how to resolve it. The widget then visualizes this data by severity.

 

Overall Mean Time to Remediate

This widget displays the average time it takes within your organization to remediate vulnerabilities. It first identifies all vuln instances with a status of Closed. To those items it applies the following calculation: Detected Date - Remediated Date = Days. It then finds the average number of Days for items to be remediated and shows a table with the average per Severity and the Overall Average.

 

This Month's Churn

This widget describes the number of vuln instances you are remediating this month compared to newly discovered vuln instances. A positive Churn is a bad thing, as it means you are discovering more vulnerabilities than you can remediate. A negative Churn is a good thing, as it indicates that you are remediating more vulnerabilities than you are discovering. On its own, this can indicate a potential regression of a process or team. Tracking this rate over time may give insight into how well your organization is performing.
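The Overall Mean Time to Remediate and This Month's Churn calculations described above can be reproduced from the same kind of export. This is an added example, not NopSec code: the record fields and sample data are assumptions, MTTR takes the elapsed days between Detected Date and Remediated Date as a positive number, and churn is computed as newly discovered minus remediated so that its sign matches the description above.

```python
from collections import defaultdict
from datetime import date
from statistics import mean

def mttr_by_severity(instances):
    """Average days from detection to remediation, Closed instances only."""
    days = defaultdict(list)
    for inst in instances:
        if inst["status"] != "Closed":
            continue  # open instances have no remediation date yet
        elapsed = (inst["remediated"] - inst["detected"]).days
        days[inst["severity"]].append(elapsed)
        days["Overall"].append(elapsed)
    return {sev: round(mean(vals), 1) for sev, vals in days.items()}

def monthly_churn(instances, year, month):
    """Newly detected minus remediated in the month; positive means backlog grew."""
    def in_month(d):
        return d is not None and (d.year, d.month) == (year, month)
    discovered = sum(in_month(i["detected"]) for i in instances)
    remediated = sum(i["status"] == "Closed" and in_month(i["remediated"])
                     for i in instances)
    return discovered - remediated

# Constructed sample records (hypothetical field names, not an export format).
SAMPLE = [
    {"status": "Closed", "severity": "Critical",
     "detected": date(2024, 3, 1), "remediated": date(2024, 3, 11)},
    {"status": "Closed", "severity": "Critical",
     "detected": date(2024, 4, 20), "remediated": date(2024, 5, 10)},
    {"status": "Closed", "severity": "High",
     "detected": date(2024, 2, 1), "remediated": date(2024, 5, 1)},
    {"status": "Open", "severity": "High",
     "detected": date(2024, 5, 3), "remediated": None},
    {"status": "Open", "severity": "Medium",
     "detected": date(2024, 5, 20), "remediated": None},
    {"status": "Open", "severity": "Low",
     "detected": date(2024, 5, 25), "remediated": None},
]

if __name__ == "__main__":
    print(mttr_by_severity(SAMPLE))
    print(monthly_churn(SAMPLE, 2024, 5))
```

In the sample, one slow High remediation pulls the overall average well above the Critical average, which is why the per-severity rows are worth reading alongside the overall figure.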

 

Open Vuln Instances by Detected Year

This widget visualizes all vuln instances that have a status of Open and are not in a Remediation or Exception Plan, grouped by the year they were detected. You can use this widget to help find the oldest Open items in your organization that have not been added to a remediation plan, risk accepted, or marked false positive.

 

Top 5 Open Urgent and Critical Vulnerabilities

This widget provides a view of the top 5 vulnerabilities that are categorized as Urgent or Critical and are seen across the most assets. This includes all vuln instances, even those in a plan, in order to show the scale of the vulnerabilities found in your network.

 

Trending MTTR

This widget displays the last 6 months of MTTR calculations for the entire organization, allowing users to determine whether overall progress has been made or whether there were potential process regressions along the way.

 

Top 10 Urgent Solutions

This widget displays a table of the most prevalent vulnerabilities that NopSec categorizes with a severity of Urgent. These vulnerabilities are grouped by their solution, then sorted by the number of open vuln instances not within a remediation or exception plan. The data is then limited to the top 10. By deploying these solutions you will see large numbers of vuln instances reduced at the same time.

 

Top 10 Critical Solutions

This widget displays a table of the most prevalent vulnerabilities that NopSec categorizes with a severity of Critical. These vulnerabilities are grouped by their solution, then sorted by the number of open vuln instances not within a remediation or exception plan. The data is then limited to the top 10. By deploying these solutions you will see large numbers of vuln instances reduced at the same time.