Executive Summary Dashboard

by Cody Dumont
October 22, 2013

Using a series of charts, tables, and graphs, this overview dashboard provides a summary for an executive to gain a high level understanding of the vulnerability management status of the network environment.  This dashboard contains valuable information, including Top 10 Summaries of Assets, Networks and Systems that are vulnerable, as well as useful trend information on vulnerabilities and how long they have existed within the network environment. The dashboard and its components are available in the SecurityCenter 4.7 Dashboard app feed, an app store of dashboards, reports and assets.

The dashboard requirements are:

  • SecurityCenter 4.7
  • Nessus 5.2.1

Listed below are the included components:

Executive Summary - Vulnerability Trend (Medium, High, Critical) Last 90 Days: This component contains a trend analysis for medium, high and critical severity vulnerabilities over the past 90 days. This method of analysis allows executives to see how risk to the organization has changed during the previous 90 days.

Executive Summary - Outstanding Patches by Operating System: This component displays a summary of vulnerabilities by operating system, using the Local Check Plugin Families.  The data is sorted by the critical vulnerabilities.

Executive Summary - Most Vulnerable Hosts: This component contains a bar chart of the top 10 most vulnerable hosts. The bar chart contains critical, high and medium severity vulnerabilities. The number of critical severities is used to rank the hosts in the chart.

Executive Summary - CVSS Scoring: This matrix component displays current vulnerabilities by CVSS scores ranging from 10-7, 6.9-5, 4.9-3 and below 2.9.

Executive Summary - Asset Outstanding Patches by Operating System (Medium, High and Critical): This component shows a table of the top 10 summary of the most vulnerable assets, sorted by the number of critical severities. Asset lists are dynamically and/or statically generated lists of IP enabled devices (a.k.a. Assets) within the organization. Assets are commonly static or dynamic, however there are other types such as DNS and LDAP-based assets. Static assets are a predefined set of IP addresses using either a range or subnet boundary as the asset parameter, while dynamic asset lists are created to group common devices together (via rules that use vulnerability data to create a list) for more advanced functions.

Executive Summary - Severity Summary: This component contains a single pie chart displaying a summary of the vulnerabilities by severity level. The chart is separated in critical, high, medium and low severities.

Executive Summary - Vulnerability Age: This component contains a matrix displaying vulnerability age. The columns identify new hosts (within the past 24 hours), and vulnerabilities from low to critical severities. The rows are labeled by the number of days the vulnerabilities have existed within the environment from the first discovery date, sorted by less than 7, 30, 90 days, and greater than 90 days.

Executive Summary - Most Vulnerable Networks: This component contains a bar chart of the top 10 most vulnerable networks. The bar chart contains critical, high and medium severity. The number of critical severities is used to sort the assets in the graph. The network sorting is based on the native class "C" subnet mask boundary, which is based on masking with 24 bits, and the result is groups of 256 IP addresses.

Executive Summary - CVSS Scoring (Previously Mitigated Items): This matrix displays mitigated vulnerabilities by CVSS scores ranging from 10-7, 6.9-5, 4.9-3 and below 2.9.

Executive Summary - Asset Summary by MS Bulletins: This component is a table showing a top 10 summary of the most vulnerable assets with missing Microsoft Bulletins, sorted by critical severities. The chart indicates all critical, high, and medium severities.