Vulnerability Metrics

SSH Detection Dashboard

by Michael Willison
July 18, 2014

SSH Detection Dashboard screenshot
This dashboard provides information on SSH remote access vulnerabilities, exploits, and network traffic flow. SSH (Secure Shell) is used by *nix, Mac OS, and Windows to remotely manage other devices on the network.

MAS TRM Guidelines

by David Schwalenberg
July 2, 2014

The Monetary Authority of Singapore (MAS) published new Technology Risk Management (TRM) Guidelines in June 2013. The MAS TRM Guidelines dashboard provides a high level overview of information relevant to specific sections in the TRM Guidelines.

Qualitative Risk Analysis Dashboard

by David Schwalenberg
June 25, 2014

Qualitative Risk Analysis Dashboard Screenshot
Information Security professionals continuously perform various types of risk assessments within their environment. SecurityCenter users have a secret weapon in the battle to properly assess risk, and that weapon is SecurityCenter’s native ability to fully use the CVSS scoring system.

Mitigation Summary

by David Schwalenberg
June 18, 2014

Mitigation Summary Dashboard Screenshot
This dashboard presents vulnerability summary information grouped in various ways. It provides a succinct visual representation of how quickly vulnerabilities on the network are being mitigated and how many exploitable vulnerabilities remain.

Unknown Process(es)

by Josef Weiss
June 17, 2014

Unknown Process Dashboard Image
This dashboard displays unknown processes, Microsoft Windows autoruns, gray area processes, and known installed software across a series of components.

SEC Risk Alert

by David Schwalenberg
June 11, 2014

SEC Risk Alert Dashboard Screenshot
On April 15, 2014, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its Cybersecurity Initiative "to assess cybersecurity preparedness in the securities industry." This dashboard presents network information that can assist organizations in evaluating and improving their cybersecurity preparedness.

OpenSSL ChangeCipherSpec Dashboard

by Michael Willison
June 6, 2014

OpenSSL ChangeCipherSpec Dashboard
As new threats emerge in networks, SecurityCenter customers are able to properly identify risk. This dashboard identifies systems vulnerable to the new OpenSSL ChangeCipherSpec vulnerability.

CVSS Temporal Ratio

by Cody Dumont
May 15, 2014

CVSS Temporal Ratio Screen Shot
In conjunction with CVSS Temporal score heat maps, SecurityCenter can also provide a more detailed analysis such as exploitability. This dashboard uses a heat map approach and provides an analysis of the vulnerabilities and notes if a published exploit is available.

CVSS Temporal Risk Heat Map

by Cody Dumont
May 8, 2014

CVSS Temporal Risk Heat Map Screen Shot
The use of heat maps is commonplace in all types of risk analysis. SecurityCenter customers have the ability to combine matrix components together to create a heat map to assess risk with an organization. This dashboard uses CVSS temporal metrics to display risk levels of systems and their vulnerabilities.

CVSS Exploitability (E) and Remediation Level (RL) Risk Matrices

by Cody Dumont
May 1, 2014

CVSS Temporal Risk Heat Map Screen Shot
The Common Vulnerability Scoring System (CVSS) provides an open framework for assessing the risk of discovered vulnerabilities. The scoring system has three metric types, the second being “Temporal Metric”. This dashboard provides four risk analysis matrices, two risk-based heat maps, and two with published exploit ratios.