Purpose

This document explains the various parts and functions of the Unified View Dashboard.

Introduction



Dashboard

The Dashboard consists of several cards that describes various views of the findings.

Overall Risk

The Overall Risk card provides a quick overview of the risk grades on a scale from A to F where F represents the most critical risks.

Overall Risk

Clicking the risk grade displays a table filtered on the level clicked. Clicking the Overall Risk heading displays an unfiltered list where the findings can be filtered further by using the options under the Summary to the right. The arrow in the upper left corner brings you back to the Dashboard.

How are Grades Calculated

To calculate the risk value of a finding, the following metrics are used and evaluated in the following order:

  1. Likelihood (Farsight)
  2. CVSSv3
  3. CVSSv2
  4. Compliance score

This order works as a funnel, for example if the likelihood is not present, the CVSSv3 will be used, if there is no CVSSv3, CVSSv2 will be evaluated and so on. 

An Asset's risk is comprised of:

  1. Business criticality (priority)

  2. Exposure

  3. The single highest finding (weakest link) on the asset

Asset risk is calculated as an average of the risk score of the associated with the AppStak assets.

Business Criticality

Business criticality defines the customer's view of how much risk is associated with a specific Asset should it be compromised by a threat actor. For example, an E-commerce database storing customers payment details could be considered critical from a risk perspective.

This card shows distribution of risks A-F over business criticality.

Clicking the bars in the chart displays a table filtered on the bar clicked. Clicking the Business Criticality heading displays an unfiltered list where the result can be filtered further by using the options under the Summary to the right. The arrow in the upper left corner brings you back to the Dashboard.

Business Criticality

Business criticality is an attribute that is managed in Netsec in the Manage Targets section.


Risk by Provider

The Risk by Provider card shows you the groupings of different cloud providers within the AppStaks and Assets. Each group shows the amount of findings in the A-F scale as described in Overall Risk. Clicking on them brings you to the asset view filtered with that cloud provider group and the risk level. Clicking the Risk by Provider heading displays an unfiltered list that can be filtered further by using the options under the Summary to the right. The arrow in the upper left corner brings you back to the Dashboard.

Risk by Provider

Remediation

Remediation is an average of days between the first day a finding was detected and the last day for all findings belonging to an asset.

Clicking the bars in the chart displays a findings table filtered on the bar clicked. Clicking the Remediation heading displays an unfiltered list where the findings can be filtered further by using the options under the Summary to the right. The arrow in the upper left corner brings you back to the Dashboard.

Remediation

Aging

The Aging card shows the average time past from the first occurrence of the finding in each risk grade from your scans. Clicking on a specific circle displays a table filtered to present the list of a the chosen grade. Depending on which view is selected, AppStaks  or Assets, the respective table shown. When clicking on the title, the table is sorted in descending order on age, which can be filtered further by using the options under the Summary to the right. .

The arrow in the upper left corner brings you back to the Dashboard.

Aging

Category Risk

The Category Risk card shows you the groupings of different AppStaks or Assets.

Clicking on each of the segments in the ring presents an in depth view of the risks in that specific AppStak in a table filtered on the segment clicked. Clicking the Category Risk heading displays an unfiltered list that can be filtered further by using the options under the Summary to the right. The arrow in the upper left corner brings you back to the Dashboard.

Platform Risk

The Platform Risk card shows you the groupings of different platforms and their average risk within the findings. Clicking on the heading brings you to the Asset view with a list together with the Summary. The arrow in the upper left corner brings you back to the Dashboard.

Platform Risk

Known Exploits

The card represents a count of findings which have been found and confirmed to be exploitable. The Non-exploitable count represents the amount of findings which at the present time have not been confirmed as exploitable.

Clicking on the header of the card presents an unfiltered table of currently viewed type of data - either AppStaks or Assets. Clicking on any of the numbers presents a filtered table with items either having or not having exploitable findings in them.

Know Exploits

Solutions

The Solutions card applies to both AppStaks and Assets, and shows you the groupings of different platforms within the findings, and helps you quickly focus on where the best effort should go to remedy any vulnerabilities on various platforms. Clicking the Solutions heading displays an unfiltered list where the findings can be filtered further by using the options under the Summary to the right. The arrow in the upper left corner brings you back to the Dashboard.

Solutions

Summary Filters

Several of the cards provides filter when drilling down in the results.

AppStaks View Filter

Clicking on the card headings takes you to the table view where you can see the result on all of your AppStaks.

By clicking on the columns in the Business Criticality diagram or on the  Category Risk pie chart under Summary, you can filter the findings to your choice.

Assets View Filter

Clicking on the card headings while in the Assets tab takes you to the table view where you can see the result on all of your assets.

In the Assets View the Summary consists of two tabs, Details and Statistics.

The Details tab use the same OVERALL RISK card as the Dashboard and allows you to filter on each of the risks shown.

Summary Details


The Statistics tab use the Remediation card and the Aging card which both allow you to filter the result by clicking on their content.

Summary Statistics


Trend views shows how business risks are developing over time, displaying if they are improving or getting worse and the causes of them.

Trends are applied to AppStaks, Assets, and Findings.

Displaying Trends

The Dashboard can be toggled into displaying the result of the scanning in trends by switching the Trends button in the upper right corner.

The drop down menu to the right of the trend toggle switch allows you to set the time duration of the trends shown in the dashboard.


The various time frames are composed of smaller increments as shown in the table.

Time frameConsists of:
1 Week7x Days
1 Month4x Weeks
1 Quarter3x Months
6 Months6x Months
1 Year4x Quarter
3 Years6x 6 Months




Copyright

© 2022 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.