CVE Analysis

by Josef Weiss
February 18, 2014

This dashboard trends outstanding CVE, and recently mitigated issues in a variety of tables and trend lines. It builds on a previously released dashboard title CVE Trending By Year.

Required Tools - Nessus or PVS

This dashboard leverages SecurityCenter's ability to filter vulnerabilities based on the specific year of the associated CVE ID for it.

There are four components of this dashboard.

Outstanding CVE matrix - This component shows the total CVE ID count for each severity level for the years displayed. Also presented is a column that displays if any exploitable vulnerabilities exist for any CVE ID for the years displayed.

Outstanding CVE Breakdown - This component displays a breakdown of present CVE vulnerabilities by severity for the CVE ID years 2010 to 2014.

CVE Trending By Severity (Last 90 Days) - This component shows a 90 day analysis of vulnerabilities discovered by severity. Each trend line is assigned to a severity, and tracks the total CVE ID for the last 5 years

CVE Mitigated Within Last 30 Days - This component displays a bar chart of of recently mitigated CVE vulnerabilities, by severity, for the CVE ID years 2010 to 2014.

The dashboard and its components are available in the SecurityCenter 4.7 Dashboard app feed, an app store of dashboards, reports, and assets. The dashboard requirements are:

  • SecurityCenter 4.7.1
  • Nessus 5.2.4
  • PVS 4.0.0