Skip to main content
Dashboard Widgets

Learn all about the trends, insight cards, and graphs in the Vulcan Home Dashboard.

Updated over 2 months ago

About

The Vulcan Platform Dashboard module allows you, from managers to executives, to receive a coherent and elaborative view of the overall risk, tasks, and actions calculated and performed by the Vulcan platform.

Watch this updated Vulcan Cyber demo focused on cyber risk measurement, management, and mitigation.

Filters

Filter the dashboard data by Business Group to focus on the assets that matter to you the most.

Widgets

Security Posture Rating

The SPR widget displays your SPR calculated according to the threshold you defined. It indicates the percentage of assets complying with your maximum SPR risk threshold.

Risk Mass

The Risk Mass indicator is a sum of all the calculated atomic risks of all vulnerability instances at a given time in your organization. The risk mass indicates the amount of all maximum risk scores gathered from all instances. Risk mass in Business Groups shows the number of maximum risks gathered per a specific Business Group. As a CISO and security personnel, you must aim to lower your risk mass by remediating vulnerabilities.

Company ROI

The Company ROI indicator shows how many person-hours your organization saves using the Vulcan Platform.
Return-of-Investment of person-hours your Cyber Security department and organization is saving by utilizing the Vulcan Platform. The more you get out of the Vulcan Platform, the more money you save on Cyber Security procedures and man-hours.

The "Saving" is evaluated by calculating the amount of data consolidated and the number of actions performed through the Vulcan Platform.

How is the ROI calculated?

Company ROI is composed of two main components:

Platform ROI (incremented monthly) + Actions ROI (calculated daily) = Company ROI

Platform ROI

At the beginning of each month, the Vulcan Platform calculates how many hours it would have taken a single person to handle the data retrieved from the multiple scanners manually. This includes analyzing, correlating, prioritizing, researching fixes, and generating reports.

Let's look at the following calculation example:

16,000 ingested assets + 40,000 ingested vulnerability instances from multiple scanners = 56,000 data units
56,000 data units * 0.0008 h/data point = 45 person hours = 1 week of work of a single person

Action ROI

Examples of automated actions include opening and assigning a task, populating the relevant vulnerability information, gathering information on relevant assets and fixes, and much more.

One Vulcan automated action = 0.2 person-hours

Raw Attack Surface Data

This graph helps you understand which sources (connectors) retrieve the most significant amount of assets and vulnerabilities from your organization. It visualizes the amount of raw data ingested per connector into the Vulcan Platform before any consolidation and aggregation by the Vulcan Platform special engines.

Note: The data presented indicates all asset-vulnerability connections observed in all syncs performed by connectors.

Assets Dedup Data

Total Ingested Data: Sum up all the assets collected from all connectors before merging and deduplication.

Unique Assets: Number of unique assets after merging and deduplication after being digested by the Vulcan Platform special engines

Assets in Risk: Number of unique assets whose prioritized risk score exceeds the SPR threshold. This is where data reduction happens - the Vulcan Platform engines significantly reduce the overwhelming assets data to what matters, the assets you need to look at and focus on.

Prioritize Vulnerabilities by

Unique prioritized vulnerabilities are categorized and prioritized by Risk score, Threat Intelligence sources, SLA Exceeding, and available fixes.
Use this widget to access unique vulnerabilities prioritized by different security dimensions quickly. For example, click "Show hot" to show all the vulnerabilities mainly discussed by the cyber community. Another example is accessing all the vulnerabilities with an available Patch ("With Patches"), so you can quickly get them off the list by remediating using available fixes.

You can also toggle the "Vulnerabilities above Risk Threshold" to reduce the vulnerabilities list and focus only on the ones above the SPR threshold.

Zero-Day

The Zero-day widget shows potentially critical or high-severity vulnerabilities with no available official patch or fixes from the vendor. You can click on "show vulnerabilities" for more details.

Once a patch or a fix becomes available, the vulnerability will disappear from the Zero-Day display.


Stay Ahead of

This widget alternates according to the recently discovered global-event vulnerabilities. Track top-news vulnerabilities in your environment, such as Log4shell, OpenSSL3, and more, by clicking on the Track button on the widget.

Top Business Groups by

This heat map lets you view the top Business Groups with the highest Risk Mass or SPR. Use this heat map to prioritize the Business Groups that require more attention.

The blocks' color and size correlate with the SPR score and Risk Mass.

Block size: Reflects the Risk Mass. The larger the rectangle, the larger the Risk Mass is.

Block color: Reflects the SPR risk score (Critical to Low)

What happens when you filter Business Groups by Risk Mass?

You can preview the maximum risks (Risk Mass) gathered per a specific Business Group. The larger the Business Group's square/rectangle, the larger the Risk Mass is, i.e., a higher count of assets with higher risk. The color indication reflects the SPR risk level.

As a CISO and security personnel, you must aim to lower your risk mass by remediating vulnerabilities. Arrange the BGs by Risk Mass to view the business groups with the highest risk mass requiring immediate remediation.

What happens when you filter Business Groups by SPR?

You get to preview the Business Groups colored by SPR risk level (Critical, High, Medium, Low) to determine which Business Group has the highest SPR risk level so you can prioritize it accordingly. This is why when the SPR view is toggled, you'll see a lot of 'red block.' This means that remediation still needs to be done for these business groups and that they have a lot of assets with vulnerabilities and risks above the SPR threshold.

The % of the SPR shown in each block represents the percentage of the assets that meet the risk criteria. For example, 0% SPR means that none of the assets in this Business Group meets the risk criteria - which means that all the assets in this Business Group are above the SPR threshold = Critical risk score as indicated with a red block.

Remediation Campaigns

Insight on the status of the overall campaign. Click to track your active campaigns.

This widget is your way to track the teams fixing vulnerabilities on your assets.

Top Highest-Impact Campaigns

Top 5 campaigns with the highest risk-mass impact on the organization. This widget presents the top in-progress campaigns that fix many risks so you can easily track the progress from the dashboard.

It also brings more awareness to using campaigns to make your security program more efficient.

FAQ

Can I see the stats on my tickets (Jira/ServiceNow) in the Vulcan Home Dashboard?

No. For stats on tickets created in Jira or Service now, check the Campaign Tracking Report. The Dashboard doesn't include stats on campaigns.

Did this answer your question?