Dashboard shows different widgets that consist of risk score associated with each threat, discovery of risky assets, exposed services to digital attacks, and risks detected from different sources - AWS, Amazon, Google Cloud, and others.
Risk Score Widget along with Line chart
Overall Risk score denotes the cumulative score of all risks posed from threats over a period of one month as shown below. Higher score attracts support team to drill down to analyze multiple threats to mitigate the risk.
Line Charts across Threat Categories
Resolution Intelligence Cloud categorized all threats into 4 different categories and their respective risk scores over a period of one month are shown on the charts. Hover your mouse over the respective lines to see risk score and its severity level of a threat.
Highly Impacted Signals
The table describes all signals that are generated from the different sources with risk score more than 85 means these are highly impacted risky signals that requires a special attention from security team to mitigate the damage.
The components in the below table are
- Signal ID - Identification number of each signal
- Created On - Date and time on which the signal generated
- Severity - A state of a signal
- Category - Type to which a signal belongs to
- Risk Rule - Type of rule that applied to each signal
- Risk Score - Score of each signal denotes the potential damage that is impacting on asset
To drill down more details of a signal, click on the Signal ID. A popup appears on screen where you can view the summary of signal, type of risk rules that are applied to signal, impacted entities such as - IP address, ports, service types and devices; and recommendations suggested by Netenrich to suppress/close the signal without following complex procedures.
Resolution Intelligence Cloud provides an ability to close the signal that is in opened state by analyzing the score of a signal.
To update the signal state to Closed,
- Click on the Signal ID. A pop up appears on screen.
- Scroll down and click on Update Signal Status.
- Select status from the dropdown list (Closed/Open)
- Choose appropriate option for Close Reason
- Enter Comments
- Click Update
Discovery of digital assets
Leader board widget displays the total number of digital assets discovered and out of which total number of risky assets are identified. Column chart displays the risk free and risky assets discovered on Y-axis and spread across different categories that are displayed on X-axis over a period of time.
IP by Hosting Provider
Leader board displays the total number of assets associated with their respective IPs for all providers. The bar chart displays number of assets associated with their respective IPs on X-axis and different hosting providers on Y-axis. Each bar represents the number of assets associated with IPs generated per each host.
Leaderboard displays the cumulative number of compromised services to external threats. The bar chart displays the number of exposed services on X-axis and names of services on Y-axis.
Leaderboard displays the total number of risks discovered across different categories. The bar chart shows the number of risks found on X-axis and severity level on Y-axis. The corresponding line chart displays the number of risks found for each severity level per each day of the month.
Open Risks by Category
The bar chart displays the number of risky signals that are open to investigate on X-axis and respective categories on Y-axis.
Signals closed by Reason
The pie chart displays the signals closed automatically by interpreting through different rules and other reasons in their respective percentages. The corresponding bar chart shows number of signals closed on X-axis and each reason on Y-axis.
Risky signals Open vs Closed
The Column chart displays the total number of signals that are open to investigate versus the total number of signals closed due to any one of these reasons (Auto closed, Acknowledged, Risk Accepted, Resolved, False Positive, and without any reasons).
Please sign in to leave a comment.