I’m happy to share our latest enhancement to visualizing your vulnerability data. Today, we are launching a new Heads-Up Display (HUD): a “mini dashboard” if you will, that allows you to visualize the current state of your vulnerabilities and defects.
Our new Heads-Up Display shows a live presentation of your vulnerabilities. It provides up-to-the-minute information on aspects of your vulnerability management program such as scoring, asset priorities, exploitability and impact calculations, with more metrics on the way. Each metric is interactive: rolling over a graph will show you the actual value of the attribute represented in that graph, while clicking a graph performs a live filter based on that attribute.
A simple use case for quickly finding vulnerabilities in your environment that have a very high likelihood of being exploited may be as follows:
- Navigate to the Vulnerabilities tab within your instance of Risk I/O where you will find the Heads Up Display.
- Let’s start by filtering on vulnerabilities that don’t require local access by clicking the Network portion of the Access Vector chart. This filter brings our open vulnerabilities down from 63,060 to 50,970.
- Now lets drill down further by continuing to look at the simplest of vulnerabilities to exploit. I’ll click the Low value for Access Complexity and None Required for level of Authentication. This brings our list down even further to 16,462.
- From here I can narrow the number of vulnerabilities to tackle by filtering on their impact subscores. This will give us issues that are not only likely to be exploited but with higher impacts. Lets filter by choosing Complete impacts of Confidentiality, Integrity and Availability. This brings our open list down to 5,709 open vulnerabilities.
- Next up, we’ll take our current list and narrow it further by only looking at vulnerabilities that have a Known Exploit. Choosing this value to filter on results in 1,111 open vulnerabilities.
- So far, we’ve been focusing on vulnerabilities that are easy to exploit, could have a higher impact on our environment, and have a publicly available exploit from sources like the Metasploit Framework, ExploitDB, etc. Let’s take this one step further and filter only on vulnerabilities within our DMZ that may be publicly facing. Since I have tagged these assets with DMZ within my instance of Risk I/O, I can simply select the tag ‘DMZ’ to filter on. This gives me a very short list of 16 open vulnerabilities to work with.
As mentioned, this is a simple use case to find the most egregious of vulnerabilities within our environment and I’m certain you will have and find many others. We think HUD will be one of the easiest ways to stay on top of your vulnerability management. We’ll be sprinkling more mini visualizations throughout Risk I/O in the future as we identify specific metrics that would be helpful to see in a more visual fashion. Give it a try and let us know what you think.