Vulnerability exposure
Use the Vulnerability exposure dashboard in Risk Monitor to get an overview of your organization's exposure to software vulnerabilities.
Description
Unfiltered, the dashboard shows the vulnerability status for the whole IT estate. The key figures and charts will quickly give you insights into, for example:
- If the number of vulnerable devices of a certain device type is larger than expected, in the Number of vulnerable devices chart.
- If a specific device type, such as one that is especially exposed to security breaches in your organization, has a large number of high and critical vulnerabilities, in the Vulnerabilities by device type chart.
- If a majority of the vulnerabilities are severe or not, in the Vulnerabilities by base score chart.
Use the tables on the dashboard to look up information on vulnerabilities, for example, the CVE base score and description of a certain vulnerability, or the version of a vulnerable application installed on a specific device.
You can filter the data to focus on the vulnerability status for a certain parameter. All key figures, charts, and tables will adjust to show the results filtered by the selected parameter. Use the filters to focus on, for example:
- A specific application in your organization; if it contains any vulnerabilities, and if so, what devices are affected.
- A specific vulnerability; if it is present in your organization, and if so, what devices are affected.
- All vulnerabilities within a certain base score range.
  For example, if your organization’s security framework requires that all vulnerabilities with a base score above eight are eliminated, you can set the filter to show only vulnerabilities with a base score of nine or higher.
- All vulnerabilities within a specific department in the organization.
- All vulnerable applications that may contain personally identifiable information.
Related use cases
For information on related use cases, see the following sections:
- Find out if the vulnerability connected to a certain CVE id is present in your IT estate
- Find links to security updates and patches for a vulnerability
Characteristics
You can refer to the tables below for descriptions of the key figures, filters, charts, and tables on the dashboard.
Key figures
The key figures give a quick overview of the status of your IT estate's exposure to software vulnerabilities.
Key figure | Description |
---|---|
Total vulnerabilities | The number of individual instances of vulnerabilities found in the devices in your IT estate. |
Unique vulnerabilities | The number of unique vulnerabilities in your IT estate. Each CVE ID represents a unique vulnerability. |
Vulnerable devices | The number of devices in your IT estate with at least one vulnerable application installed. |
Vulnerable applications | The number of installed applications in your IT estate containing at least one vulnerability. |
Filters
Use one or more filters to focus on specific aspects of your IT estate's exposure to software vulnerabilities. All the key figures, charts, and tables on the dashboard will adjust to show the results filtered by the selected parameter or parameters.
Filter | Description |
---|---|
Application name | Select an application from the list to see if it contains any known vulnerabilities. |
Organization | Select an organizational unit from the list to see the vulnerability exposure for that organizational unit. |
CVE ID | Find out if a certain vulnerability is present in your organization by filtering on the CVE ID connected to the vulnerability. |
PII risk | Select True to see the vulnerability exposure to applications in your organization that are designed to hold personally identifiable information. Note: This filtered view partly overlaps with the PII vulnerability exposure dashboard. |
BaseScore | Select a range to see your organization's exposure to vulnerabilities with base scores within that range. You can, for example, select a range from 8 to 10 to focus on the most critical vulnerabilities. |
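
The following added example (not product code) recomputes the four key figures from a constructed list of findings and shows how the BaseScore, PII risk and CVE ID filters change all of them at once. The record layout, function names, device names and CVE IDs are hypothetical placeholders, and counting each application installation once is an assumption about the Vulnerable applications figure.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    device: str
    application: str
    cve_id: str
    base_score: float   # CVSS base score, 0.0 to 10.0 with one decimal
    pii_risk: bool

# Constructed sample rows; every name and CVE ID here is a placeholder.
FINDINGS = [
    Finding("LAPTOP-01", "ExampleReader 11.0", "CVE-0000-0001", 9.8, False),
    Finding("LAPTOP-02", "ExampleReader 11.0", "CVE-0000-0001", 9.8, False),
    Finding("LAPTOP-02", "ExampleReader 11.0", "CVE-0000-0002", 8.8, False),
    Finding("SERVER-01", "ExampleCRM 4.2", "CVE-0000-0003", 7.5, True),
    Finding("SERVER-01", "ExampleCRM 4.2", "CVE-0000-0004", 8.1, True),
    Finding("SERVER-02", "ExampleCRM 4.2", "CVE-0000-0004", 8.1, True),
]

def apply_filters(findings, min_score=0.0, max_score=10.0, pii_risk=None, cve_id=None):
    """Keep findings that match every supplied filter (score bounds inclusive)."""
    return [f for f in findings
            if min_score <= f.base_score <= max_score
            and (pii_risk is None or f.pii_risk == pii_risk)
            and (cve_id is None or f.cve_id == cve_id)]

def key_figures(findings):
    """Compute the four dashboard key figures for a (filtered) set of findings."""
    return {
        # Every (device, application, CVE) instance counts once.
        "total_vulnerabilities": len(findings),
        # Each CVE ID represents one unique vulnerability.
        "unique_vulnerabilities": len({f.cve_id for f in findings}),
        # Devices with at least one vulnerable application.
        "vulnerable_devices": len({f.device for f in findings}),
        # Assumption: each installation (device, application) counts once.
        "vulnerable_applications": len({(f.device, f.application) for f in findings}),
    }

if __name__ == "__main__":
    for label, kwargs in [("unfiltered", {}), ("score 8-10", {"min_score": 8.0}),
                          ("score 9-10", {"min_score": 9.0}), ("PII risk", {"pii_risk": True})]:
        print(label, key_figures(apply_filters(FINDINGS, **kwargs)))
```

In this sample the findings scored 8.1 and 8.8 are counted with a range starting at 8 but not with one starting at 9, so the choice of lower bound decides whether they appear in the filtered figures.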
Charts
Use the charts to get insights into different aspects of your IT estate's exposure to software vulnerabilities.
You can select a bar in a chart to focus on the vulnerability exposure status for that item, for example for a device type or a base score. All the key figures, charts, and tables on the dashboard will adjust to show the results filtered by the selected item.
Chart | Description |
---|---|
Number of vulnerable devices | Groups the number of vulnerable devices by device type. |
Vulnerabilities by device type | Groups the total number of vulnerabilities by device type. For each device type, the vulnerabilities are divided by base severity category. |
Vulnerabilities by base score | Groups the total number of vulnerabilities by base score. For each base score, the vulnerabilities are divided by base severity category. |
Tables
Use the tables to look up details about vulnerabilities.
Select a column header to sort the table by that column.
Table | Description |
---|---|
Vulnerability details by application | Unfiltered, the table includes all vulnerabilities published in the NIST NVD. The following vulnerability details are shown in the table: |
Vulnerable devices | Lists the following details about devices with vulnerable applications: |