The Executive Dashboard

The Executive Dashboard provides reports and metrics with persistence of vulnerabilities and correlation with other applications and projects. This dashboard provides not just average remediation time, but many other analytics and trends to monitor and report the overall security health for a complete application security footprint. To access this tab:

  1. From the main Sentinel menu, select Summary.

    dashboard 2

  2. From the tabs displayed, select the Dashboard tab.

  3. From the dropdown list highlighted above, choose Executive.

  4. Select which asset type that you want to see analytics displayed for: Sites or Applications.

    It should be noted that API asset analytics are currently incorporated into analytics in Sites.

  5. From the dropdown highlighted, select whether you want to display All Assets, or only a specific asset group.

  6. Optionally you can export the dashboards to PDF or CSV files.

Overview of Executive Dashboard

dashboard exec summ1
Field No. Field Name Description

1

Total and Open Vulnerabilities

This summarizes vulnerabilities currently open and closed over the lifetime of the asset. The following is displayed:

  • The Total Vulnerabilities found in the history of the asset

  • How many vulnerabilities that have been closed

  • How many vulnerabilities that are currently open

  • The severity category that the Open Vulnerabilities fall into

The total vulnerabilities and total vulnerabilities closed are both for the lifetime of the asset in Sentinel. Obviously over time, the total vulnerabilities closed numbers should be much larger than the currently-open vulnerabilities.

2

Vulnerability Trends

The Trend - Vulnerabilities table displays your closed vulnerabilities, new vulnerabilities, and total open vulnerabilities month by month. This will illustrate your improvement over time and will show up to twelve (12) months of data.

  • First Opened reflects the number of vulnerabilities first opened during that month.

  • Latest Closed reflects the number of vulnerabilities most recently closed during that month.

  • Latest Reopened shows the number of vulnerabilities reopened in that month.

  • Open - Closed reflects the sum of the vulnerabilities first opened that month minus the total number of vulnerabilities closed in that month.

EXAMPLE: In the table above, the month of March shows:

  • 32 vulnerabilities first opened in that month

  • 5 vulnerabilities closed

  • 1 vulnerability re-opened

  • The Opened - Closed figure is +27 because 32 (first opened) minus five (latest closed) is 27. The vulnerability that was re-opened during March is not counted in this total.

Below the Trend - Vulnerabilities table, you will see the Trend - Open Vulnerabilities line chart, which breaks out open vulnerabilties by severity. Also you will see the Trend - Remediation bar chart showing vulnerabilities opened against vulnerabilities closed.

3

Site Status (If the Applications option is selected at the top of the screen, this will be named Application Status)

Asset status will show the total count for your assets (either sites or applications).

For site assets (as displayed in the image above), you will see a summary of how many sites are within each service plan (BE, SE, or PE) and how many still need to have credentials or scan schedules set. In the example above, 17 sites need credentials, and 13 require schedules.)

If an asset is missing credentials, it cannot be fully scanned. If an asset is missing a schedule, it will only be scanned when a user specifically requests it using Scan Now.

For application assets (see image below), you will see the applications requiring repository configuration, the total needing a schedule set and also the total that have completed their initial scan.

dashboard apps status

4

Vulnerability Statistics

Vulnerability Statistics show the average age of vulnerabilities by severity and the time it has been taking to remediate them. (The average time to fix is the average of date closed minus date opened and only includes vulnerabilities that have a closed date.)

The filter field on the top right enables you to view All vulnerabilites, or those rated Critical, High & Above, Medium & Above or Low & Above.

5

Most Common Vulnerabilities

This displays your most common vulnerability classes, sorted by the number of open vulnerabilities in that class.

6

Most Vulnerable Assets

This displays your most vulnerable assets (either Sites or Applications). These are the assets with the greatest number of urgent or critical vulnerabilities, sorted by number size.