CISO dashboard
-
- UpdatedAug 3, 2023
- 4 minutes to read
- Vancouver
- Security Incident Response setup
The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.
This dashboard reveals the overall security posture of your organization, including security vulnerability and incidents.
End users and roles
| End user and goal | Required role |
|---|---|
| CISO: Needs clear visibility regarding the current security posture of the overall organization | sn_si.ciso |
CISO dashboard indicators
The CISO dashboard presents the following key performance indicators:
- SI - Average Time to Identify
- A 7-day average of the time in minutes it takes to identify a security incident, calculated daily.
- Average Time to Contain
- A 7-day average of the time in minutes it takes to contain a security incident, calculated daily.
- Average Time to Eradicate
- A 7-day average of the time in minutes it takes to eradicate a security incident, calculated daily. Both Average Time to Contain and Average Time to Eradicate are based on the indicator SI - Average Duration Time broken down by Security Incident State.
- New Security Incidents This Week
- The weekly sum of the score of the daily Number of new security incidents indicator.
- Security Incidents Closed (weekly)
- The 7-day running sum of the daily Number of closed security incidents indicator.
- New Security Incidents by Priority
- Daily breakdown of the Number of new security incidents indicator by Priority.
- New vs Closed Security Incidents (weekly) volume
- The 7-day running sum time series of the Number of new incidents indicator charted against the 7-day running sum time series of the Number of closed incidents indicator.
- Security Incident Heatmap
- A global map showing the number of open security incidents in each country.
- Security Incident Treemap
- An interactive treemap where you can select to see:
- Security incidents per business service, broken down by business criticality
- Security incidents broken down by category or subcategory of incident
- Security incidents per assignment group or per assignee
- 'Victim stats' of security incident per affected resource or affected user
Breakdowns
The following breakdowns apply to the indicators on the dashboard:
- Business criticality
- Security Group
- Security Incident Age
- Security Incident Category
- Security Incident Close Code
- Security Incident Priority
- Security Incident State
- SI - Business Service
- Vulnerability
Data visualizations
The dashboard includes the following visualizations:
| Title | Type | Description |
|---|---|---|
| Security Incidents Open for More Than 30 Days by Assignment Group and State | Heatmap  |
Displays models with the most vulnerable items. |
| Risks by Category | Donut  |
Lists the age of reopened vulnerable items. |
| Citations by Authority Document | Donut |
Number of active vulnerabilities |
| Security Incidents With Assignee That is not Active | Heatmap |
Displays the number of open vulnerable items associated with vulnerabilities, (Common Vulnerability Enumeration (CVE) records), from most to least. |
| Security Incidents Not Updated for More Than 30 Days by Assignment Group and State | Heatmap |
Displays publishers with the most vulnerable items. |
| Vulnerability Map | Map  |
A world map showing vulnerabilities by location |
| Most Vulnerable Models | Donut |
The applications that contain the most vulnerabilities |
| Most Vulnerable CIs by Class | Donut |
CIs by server type |
| Services with Critically Significant Vulnerabilities | List  |
|
| Non-compliant profiles | Bar  |
Non-compliant controls by profile |
| Control Overview | Bar |
Number of compliant and non-compliant controls |
| Policy Exceptions | List |
Policy exceptions with priority, owner, and short description |
| Risks by Category | Donut |
The number of risks in each category of risk |
| Inherent Risk | Bubble  |
Inherent SLE vs Inherent ARO |
| Residual Risk | Bubble |
Residual SLE vs Residual ARO |
| Moderate, High, and Very High Risks | Scores |
The numbers of moderate, high, and very high risks, respectively |
| Risk by Profile | Stacked Bar |
Risk count where you can select what to group by and what to stack by |