IAVM Executive Summary Dashboard

by Cody Dumont
October 8, 2013

The US Cyber Command (USCYBERCOM) publishes Information Assurance Vulnerability Management (IAVM) Notices for the DoD.  IAVM Notices are published at several levels with differing priority categories. The IAVM Notices are posted on a USCYBERCOM website and also entered into the Defense Information Systems Agency (DISA) operated Vulnerability Management System (VMS). This dashboard provides an executive summary to the current IAVM program.  The dashboard and its components are available in the SecurityCenter 4.7 Dashboard app feed, an app store of dashboards, reports and assets.

The dashboard requirements are:

  • SecurityCenter 4.7
  • Nessus 5.2.1

Listed below are the included components:

IAVM Critical Severity Summary Yr 2013 - This component provides a pie chart of the top 10 critical severity IAVM vulnerabilities identified in 2013.  The pie chart is comprised of the host count for total hosts per IAVM Notice Number.

IAVM High Severity Summary Yr 2013 - This component provides a pie chart of the top 10 high severity IAVM vulnerabilities identified in 2013.  The pie chart is comprised of the host count for total hosts per IAVM Notice Number.

IAVM By Year (25 Day Trend) - This component displays a 25-day trend analysis IAVMs per year.  Each year starting with 2013 through 2010 has its own line, while all years from 2002 – 2009 share a common line.  The trend is calculated by using the total vulnerabilities on the respective date.

IAVM Plugin Family Vulnerabilities for YR 2013 - This component displays a bar chart summary of the IAVM status per plugin family.  The bar chart is also filtered to only display the top 5 plugin families.

IAVM Indicator by Year - This indicator style component shows a host count for each severity level for the corresponding year.  The host count is calculated by putting the year in as an IAVM filter and the respective severity level.

IAVM Indicator By Vendor - This indicator style component provides a correlation between IAVM and software vendor.  Using the CPE and/or Plugin name fields, SecurityCenter is able to map the IAVM Notice Number(s) to the software vendor and severity level.