Skip to main content

Applications

Use the Applications dashboard in Risk Monitor to explore different aspects of the applications in your IT estate.

Description

You can, for example, see:

  • The distribution of applications between manufacturers in the Application manufacturers chart.

  • If there is an unexpectedly large amount of applications of a type that should not be commonly used in your organization in the Application types chart.

  • The number of vulnerable applications that are out of support but for which upgrades are available in the Application installations risk cross-over chart.

You can look up the exact versions of installed applications in the Application details table.

You can filter the data to focus on specific aspects of the applications. All key figures, charts, and tables will adjust to show the results filtered by the selected parameter. Use the filters to focus on, for example:

  • All applications installed on a specific device.

  • All applications within a specific department in the organization.

  • All vulnerable applications within the organization.

  • All PII risk applications within the organization.

  • All open source applications within the organization.

For information on related use cases, see the following sections:

Characteristics

You can refer to the tables below for descriptions of the key figures, filters, charts, and tables on the dashboard.

Key figures

The key figures give a quick overview of the applications in your IT estate.

Key figureDescription
InstalledThe total number of applications installed on devices in the organization.
VulnerableThe number of installed applications containing at least one vulnerability.
PII riskThe number of installed applications that may contain personally identifiable information.
Vulnerable PII riskThe number of installed applications that are both vulnerable and may contain personally identifiable information.

Filters

Use one or more filters to focus on certain aspects of the applications in your IT estate. All the key figures, charts, and tables on the dashboard will adjust to show the results filtered by the selected parameter or parameters.

FilterDescription
Device nameSelect a device from the list to see an overview of applications installed on that device.
The table Application details will list all applications installed on the device and the number of vulnerabilities for each application.
OrganizationSelect an organizational unit from the list to see an overview of applications used by that organizational unit.
Vulnerable applicationSelect True to see an overview of all vulnerable applications.
Select False to see an overview of all applications without vulnerabilities.
PII riskSelect True to see an overview of installed applications that are designed to hold personally identifiable information.
Select False to see an overview of installed applications that do not hold personally identifiable information.
CVE IDSelect a CVE ID from the list to see if any applications in your IT estate contain the vulnerability connected to the CVE ID.
If the vulnerability is not present in your organization the page will show blank results.
Open sourceSelect True to see an overview of all open source applications in your IT estate.
Select False to see an overview of all applications in your IT estate that are not open source.

Charts

Use the charts to get insights into different aspects of the applications in your IT estate.

You can select a bar in a chart to focus on a specific aspect, for example, all applications from a certain manufacturer. All the key figures, charts, and tables on the dashboard will adjust to show the results filtered by the selected item.

ChartDescription
Application installations risk cross-overEach circle in the diagram represents applications in your IT estate with a specific characteristic:
  • The PII circle represents applications designed to hold personally identifiable information.
  • The Vulnerable circle represents applications containing one or more vulnerabilities.
  • The Upgradeable circle represents applications for which upgrades are available.
  • The Support ended circle represents applications that are no longer supported by the manufacturer.
Applications with two or more characteristics are represented by the segments of overlapping circles. For example, the segment in the middle of the diagram represents applications with all four characteristics; vulnerable PII applications that are out of support, but for which upgrades are available.
Application manufacturersGroups the number of installed applications by manufacturer.
Application typesGroups the number of installed applications by application type.

Tables

Use the table to look up details about applications in your IT estate.

Select a column header to sort the table by that column.

TableDescription
Application detailsUnfiltered, the table includes all applications in your IT estate, grouped by application manufacturer. For each application, all software versions present in the IT estate are listed.
The following details are shown in the table:
  • Application manufacturer: The name of the application manufacturer.
    Select the plus icon to the left of the manufacturer name to expand the table and see all installed applications from the manufacturer.
  • Application name: The name of the application.
    Select the plus icon to the left of the application name to expand the table and see all installed software versions of the application.
  • Software version: The version of the application in the Application name column.
  • Vulnerable devices: The number of devices with vulnerable applications from the manufacturer in question.
  • Inventoried devices: The number of devices with applications from the manufacturer in question.
  • Vulnerable users: The number of users with access to vulnerable applications from the manufacturer in question.
  • Inventoried users: The number of users with access to applications from the manufacturer in question.
  • Critical vulnerabilities: The number of vulnerabilities in applications from the manufacturer in question with base severity grade critical.
  • High vulnerabilities: The number of vulnerabilities in applications from the manufacturer in question with base severity grade high.
  • Total vulnerabilities: The total number of vulnerabilities in applications from the manufacturer in question.