Service level agreements (SLAs) for remediating technical security vulnerabilities can be hard to meet, for a variety of reasons. Even so, SLA adherence is one of the most important yardsticks for measuring a vulnerability management program.
The following bubble chart shows both the mitigation (closed vulnerabilities) and the workload (open vulnerabilities) performance of the vulnerability management program. Each series has three dimensions: severity, the number of vulnerabilities at that severity, and the number of distinct assets affected by those vulnerabilities.
For open vulnerabilities, the bigger the bubble, the more attention that group needs. Severity weighs into the picture as well, so bubble size should always be read together with the severity it belongs to.
For closed vulnerabilities, the bigger the bubble, the more attention has been paid to that group of vulnerabilities and assets, which is a key mitigation performance criterion worth showing off.
The average number of days to mitigate is very helpful for setting meaningful and realistic SLAs. The next graph shows this figure for each severity level.
The following bubble chart is one of the hardest to grasp, but we keep it nonetheless. It covers open vulnerabilities grouped by asset label.
Each bubble is an asset group: it carries the number of open urgent/critical/high vulnerabilities and the number of assets in that group, and the bubble's size is the average number of days those vulnerabilities have stayed open. Together these give a precise picture of which asset groups need immediate attention, in terms of vulnerability count, asset count and the average age of unmitigated risk.
The last SLA graph is all about finding lingering vulnerabilities, grouped by severity. Urgent and critical vulnerabilities should not stay open for long, and this graph makes it easy to see the details of those that do.
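As an added example (not code from the original page or its dashboard), the following Python computes the four sets of figures behind the charts above from a flat list of findings: open/closed counts and distinct-asset counts per severity, average days to mitigate per severity, open urgent/critical/high findings per asset label with their average age, and open findings that have exceeded their SLA. The record layout, severity names, SLA thresholds, reporting date and sample findings are all assumptions constructed for the illustration.

```python
from collections import defaultdict
from datetime import date

# Reporting date used to age open findings (assumed for the example).
TODAY = date(2023, 3, 1)

# Assumed SLA: maximum number of days a finding may stay open, per severity.
SLA_DAYS = {"urgent": 2, "critical": 7, "high": 30, "medium": 90, "low": 180}
SEVERITIES = ["urgent", "critical", "high", "medium", "low"]


def finding(vid, asset, label, severity, opened, closed=None):
    """One (vulnerability, asset) pair; closed stays None while it is open."""
    return {"id": vid, "asset": asset, "label": label, "severity": severity,
            "opened": opened, "closed": closed}


# Constructed sample data, not real scan results.
FINDINGS = [
    finding("V-1", "web-01", "web", "urgent", date(2023, 1, 1), date(2023, 1, 3)),
    finding("V-1", "web-02", "web", "urgent", date(2023, 1, 1), date(2023, 1, 5)),
    finding("V-2", "web-01", "web", "critical", date(2023, 2, 1)),
    finding("V-3", "db-01", "database", "high", date(2023, 1, 15)),
    finding("V-4", "db-02", "database", "critical", date(2023, 2, 25)),
    finding("V-5", "db-01", "database", "medium", date(2022, 12, 1), date(2023, 2, 1)),
    finding("V-6", "app-01", "app", "urgent", date(2023, 2, 27)),
    finding("V-7", "app-01", "app", "high", date(2022, 11, 1)),
]


def days_open(f, today=TODAY):
    """Age of a finding: opened-to-closed if closed, otherwise opened-to-today."""
    return ((f["closed"] or today) - f["opened"]).days


def mitigation_workload(findings=FINDINGS):
    """First chart: per severity, open/closed counts and distinct assets affected."""
    acc = {s: {"open": 0, "closed": 0, "open_assets": set(), "closed_assets": set()}
           for s in SEVERITIES}
    for f in findings:
        state = "open" if f["closed"] is None else "closed"
        acc[f["severity"]][state] += 1
        acc[f["severity"]][state + "_assets"].add(f["asset"])
    return {s: {"open": a["open"], "open_assets": len(a["open_assets"]),
                "closed": a["closed"], "closed_assets": len(a["closed_assets"])}
            for s, a in acc.items()}


def avg_days_to_mitigate(findings=FINDINGS):
    """Second chart: mean opened-to-closed days per severity, closed findings only."""
    durations = defaultdict(list)
    for f in findings:
        if f["closed"] is not None:
            durations[f["severity"]].append(days_open(f))
    return {s: sum(d) / len(d) for s, d in durations.items()}


def open_by_asset_label(findings=FINDINGS, today=TODAY,
                        severities=("urgent", "critical", "high")):
    """Third chart: per asset label, open urgent/critical/high count, distinct
    assets, and the average days those findings have stayed open (bubble size)."""
    groups = defaultdict(lambda: {"open": 0, "assets": set(), "ages": []})
    for f in findings:
        if f["closed"] is None and f["severity"] in severities:
            g = groups[f["label"]]
            g["open"] += 1
            g["assets"].add(f["asset"])
            g["ages"].append(days_open(f, today))
    return {label: {"open": g["open"], "assets": len(g["assets"]),
                    "avg_days_open": sum(g["ages"]) / len(g["ages"])}
            for label, g in groups.items()}


def lingering(findings=FINDINGS, today=TODAY, sla=SLA_DAYS):
    """Fourth chart: open findings older than the SLA for their severity, most
    overdue first. Each row is (id, asset, severity, days_open, days_over_sla)."""
    rows = []
    for f in findings:
        if f["closed"] is None:
            age = days_open(f, today)
            over = age - sla[f["severity"]]
            if over > 0:
                rows.append((f["id"], f["asset"], f["severity"], age, over))
    return sorted(rows, key=lambda r: r[4], reverse=True)


if __name__ == "__main__":
    for name, fn in [("mitigation/workload", mitigation_workload),
                     ("avg days to mitigate", avg_days_to_mitigate),
                     ("open by asset label", open_by_asset_label),
                     ("lingering past SLA", lingering)]:
        print(f"{name}: {fn()}")
```

The `lingering` list is the actionable output: it ranks open findings by how far past their SLA they are, so an urgent finding that is a few days over sorts alongside a high finding that is months over. The strict `over > 0` keeps findings sitting exactly at the SLA boundary out of the list; loosen it to `>=` if the program treats the boundary day itself as a breach.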