The dashboard contains a summary section, quite a few summary graphics and two sets of notifications as shown in Figure 1.
Figure 1 - NormShield dashboard
Upper management is always keen on seeing colorful graphs and has a particular tendency towards Service Level Agreements and Key Performance Indicators. This is not out of nothing, obviously. Managers need SLA and KPI data in order to make smart decisions about future investments, planning and such.
There are many challenges in setting up a sound information security program. Funding is one of them, rightly. But one another of these challenges is measuring the results and proving the program is successful. NormShield provides easy-to-consume magic numbers for proofs your program needs.
There are four rows on the NormShield Dashboard.
The first row of includes badges of quick information about the current posture. From left to right,
- Number of Exploitable & Urgent OPEN vulnerabilities
- Number of OPEN Urgent vulnerabilities
- Number of currently RUNNING scans, including vulnerability scans, ssl, domain and port scans
- Number of ACTIVE (action waiting) alarms
- Number of UP web assets, in other words web applications
- Number of UP network assets, in other words IP addresses
The second row includes summary graphics, again from left to right;
- Monthly trend of open/closed vulnerabilities, showing the vulnerability finding and mitigation performance for all defined assets
- A heat map of label grouped number of vulnerabilities against five severities (low, medium, high, critical and urgent).
- A matrix of open vulnerabilities ordered with both severity levels and the number of days they stay still OPEN. These lingering vulnerabilities may create increasing risks for the assets according the severity and the number of non-closed days.
The third row includes some of vulnerability and threat related badges, again from left to right;
- The first badge includes the total NormShield Risk Score of existing OPEN vulnerabilities. It is possible to see the over all vulnerability based risk changes with the arrow and number below the badge.
- The second badge includes a deduced current threat level of overall company from the vulnerabilities and alarms. The color-coded cyber attack threat level can be read as see...
- The third badge contains a doughnut distribution of severities of all open vulnerabilities.
- The fourth badge contains a doughnut distribution of severities of all closed vulnerabilities.
- The next badge contains the percent of last month's published CVE vulnerabilities that match with the defined assets.
- The last badge includes a calculated maximum number of the oldest unmitigated vulnerability and its NormShield Risk Score. The bigger is shown since it's the one has been lingering too much time and needs immediate attention!
The last row includes to notification tables next to each other. First one shows a table of most recent five scans and their status. The table next shows the most recent status actions on urgent or critical vulnerabilities.