Dashboard

This article explains the multiple dashboards available under the dashboard tab of an attack surface exposure module.

The dashboard shows different widgets that consist of risk scores associated with each threat, the discovery of risky assets, exposed services to digital attacks, and risks detected from different sources - AWS, Amazon, Google Cloud, and others. 

Risk Score Widget along with Line chart

Overall Risk score denotes the cumulative score of all risks posed by threats over a period of one month, as shown below. A higher score encourages the support team to drill down to analyze multiple threats to mitigate the risk.

Line Charts across Threat Categories

Resolution Intelligence Cloud categorized all threats into 4 different categories, and their respective risk scores over a period of one month are shown on the charts. Hover your mouse over the respective lines to see the risk score and the severity level of a threat.

Highly Impacted Signals

The table describes all signals that are generated from the different sources with a risk score greater than 85 means these are highly impacted risky signals that require special attention from the security team to mitigate the damage.

The components in the below table are 

• Signal ID  -  Identification number of each signal
• Created On  - Date and time on which the signal generated
• Severity  - A state of a signal
• Category  -  Type to which a signal belongs
• Risk Rule  -  Type of rule that applied to each signal
• Risk Score  -  Score of each signal denotes the potential damage that is impacting on asset

To drill down more details of a signal, click on the Signal ID. A popup appears on screen where you can view the summary of signal, type of risk rules that are applied to signal, impacted entities such as - IP address, ports, service types and devices; and recommendations suggested by Netenrich to suppress/close the signal without following complex procedures.

Discovery of digital assets

Leader board widget displays the total number of digital assets discovered and out of which total number of risky assets are identified. The column chart displays the risk-free and risky assets discovered on the Y-axis and spread across different categories that are displayed on the X-axis over a period of time.

IP by Hosting Provider

The leader board displays the total number of assets associated with their respective IPs for all providers. The bar chart displays the number of assets associated with their respective IPs on the X-axis and different hosting providers on the Y-axis. Each bar represents the number of assets associated with IPs generated per host. 

Exposed Services

The leaderboard displays the cumulative number of compromised services due to external threats. The bar chart displays the number of exposed services on the X-axis and the names of services on the Y-axis.

Risks Discovered

The leaderboard displays the total number of risks discovered across different categories. The bar chart shows the number of risks found on the X-axis and the severity level on the Y-axis. The corresponding line chart displays the number of risks found for each severity level per day of the month.

Open Risks by Category

The bar chart displays the number of risky signals that are open to investigation on the X-axis and their respective categories on the Y-axis.

Signals closed by Reason

The pie chart displays the signals closed automatically by interpreting different rules and other reasons in their respective percentages. The corresponding bar chart shows the number of signals closed on the X-axis and each reason on the Y-axis.

Risky signals Open vs Closed

The column chart displays the total number of signals that are open to investigation versus the total number of signals closed due to any one of these reasons (Auto closed, Acknowledged, Risk Accepted, Resolved, False Positive, and without any reasons).