About Vulcan Cyber ExposureOS Reports (Analytics)
The Reports tab in your Vulcan Cyber ExposureOS platform offers statistical analysis of your Vulcan Cyber ExposureOS data to help you monitor the status and progress of vulnerabilities, SLAs, remediation, and much more. Use Reports (Analytics) to analyze and shape your cyber-security processes and improve decision-making.
The Vulcan Cyber ExposureOS Reports (Analytics) offers:
Vulcan Cyber ExposureOS Reports (Analytics): a collection of pre-defined reports made by the Vulcan Cyber ExposureOS Reports (Analytics) team.
Self-service Reports (Analytics): the ability to create your own customized reports. Customized reports can be created by using:
Customized widgets (create your own widgets)
Pre-made widgets (from the Widgets Bank)
Available Vulcan Cyber ExposureOS Reports (Analytics)
Report | Description |
Top Operational Findings | The Top Operational Report, prefiltered by Critical Unique Vulnerabilities in the "Vulnerable" or "In Progress" status, provides valuable insights into your organization's security posture and vulnerability management. The report helps you understand compliance percentage, total vulnerability count, and asset associations. Identify top vulnerabilities, prioritize remediation efforts, and track critical vulnerabilities across business groups. This concise and valuable report lets you make informed decisions to enhance your cyber security. |
End of Life | The EOL report is designed to provide you with valuable analytics concerning the end-of-life (EOL) dates for operating systems (OS) and versions on hosts. Through the reports section, you have the ability to access and analyze your EOL assets, gaining visibility into their overall status and progress across the organization and within specific business groups. This report relies on the |
Campaign Tracking | The Campaign Tracking report provides remediation KPIs such as MTTR (Mean Time to Remediation), average daily remediated/introduced vulnerabilities, and campaign coverage, generating a bigger picture of your organization's remediation workload capacity. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
CISO Management | The CISO Management report provides critical visibility into operating metrics like remediation status, campaign coverage, and compliance to ease accurate communication of operational status across the organization. This report is designed to help CISOs and other executives manage security and risk management relationships within the organization and deliver cyber risk performance benchmarks for each business group. This report also identifies vulnerabilities with the greatest impact potential on the organization, reports the most common CVEs, and highlights industry-recognized Hot CVEs of the month. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
CISO Executive | The CISO Executive report provides an executive-level summary of the industry KPIs presented in various Vulcan Cyber ExposureOS reports. It highlights security posture rating (SPR) and business group benchmarking, SLA compliance, and campaign coverage, as well as a Scatter Plot widget showing what Business Groups have the most impact on the organizational SPR. We recommend visiting this CISO persona-based report monthly or quarterly. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
Security Posture Rating | The SPR report helps you understand how vulnerability response activities impact your security posture and its criticality to successful risk management. As critical vulnerabilities are remediated, the SPR is automatically adjusted to show your new overall risk. Because it is calculated by intelligent asset groupings, when an asset’s vulnerabilities are remediated, the overall security posture improves. The SPR (Security Posture Rating) report reflects your organization’s attack surface and cyber risk, analyzing your security posture rating over time. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
Threat Intelligence | The Threat Intelligence report provides organizational analysis based on threat tags and main Threat intelligence frameworks, such as OWASP Top 10. The Threat Intelligence report compares CVSS risk scores to Vulcan Cyber ExposureOS contextualized risk calculation, analyzes which CVEs have the most vulnerabilities, provides insight into the Risk Mass distribution in your organization, and presents you with the up-and-down shifts in findings (instances) count over time. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
SLA Tracking | The SLA Tracking report provides visibility into the overall status and progress of SLA across the organization and per Business Group. The SLA Tracking report is entirely based on the defined SLA policies. SLA Policies let you establish clear and measurable guidelines to monitor and measure vulnerability remediation across the organization. SLA policies are like a target or a deadline within which your team is expected to respond and resolve vulnerabilities. Once you define your SLA, you can start gaining valuable insight from the SLA Tracking report and re-assess your remediation efforts. Note that the report only counts assets with defined SLA (SLA days value is set to > 0). Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
MITRE ATT&CK | The MITRE ATT&CK interactive dashboard aligns vulnerabilities and risk management to the MITRE ATT&CK matrix to help implement a best practices approach to prioritization and mitigation. The widgets in this report map vulnerabilities in your environment to specific MITRE Tactics and Techniques using your preferred criteria and filters. You can drill into vulnerability details within the reports to learn more and take immediate action. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
Risk Exception | The Risk Exception report evaluates the accepted risk posed by approved Exception Requests and ignored findings (instances) from connectors, adding business context and helping the security team operate around the risk exception and compliance policies. The report is mainly based on the data on the Exceptions page > "Approved" and on the Vulnerabilities page > "Ignored". Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
Application Security | The Application Security report helps you understand the risk impact of Code Projects and Websites on your organization. Get visibility into AppSec-filtered MTTR, Assets SLA Compliance and Risk Mass. Use this actionable report to understand the impact of application vulnerabilities on your organizational cyber risk, prioritize remediation based on CWEs, and access AppSec-filtered assets and vulnerabilities tables to create remediation campaigns and fix application security weaknesses before they affect your users. |
Scan Coverage | The Scan coverage report helps you understand the scan-coverage aspects of the organization's asset inventory. This report provides visibility on scanned vs. unscanned assets. The integrated vulnerability scanners don't scan unscanned assets for vulnerabilities. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
Remediation Performance | The Remediation Performance report presents remediation KPIs such as MTTR (Mean Time to Remediation), average daily remediated/introduced vulnerabilities, campaign coverage stats, remediation across business groups, MTTR stats, and more. The report generates a wide perspective on the remediation workload capacity in your organization so you can better evaluate and estimate your remediation pace and performance. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
PCI Report | The PCI compliance Vulnerability Management report helps you audit the Payment Card Industry Data Security Standard (PCI) and understand your PCI compliance status across PCI-relevant Business Groups. To work with the PCI report, you must first create dedicated PCI-relevant Business Groups that contain PCI assets. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info. |
How to use Vulcan Cyber ExposureOS Reports (Analytics)
To learn how to use Vulcan Cyber ExposureOS Reports (Analytics), click the “How To Use” tutorial available on the top-right Reports (Analytics) home page.
Learn about report functionality such as filtering, tooltips, cross-filter, visuals, custom widgets, and more;
Train stakeholders who are new to Vulcan Cyber ExposureOS with a simple tutorial.
Export Reports (Analytics)
To export the content of a report to a PDF:
Enter the desired report.
Optional: Apply filters.
From the "Export" dropdown, click "Export to PDF".
After a few seconds, a notification will appear, confirming that the report will be sent to the Vulcan Cyber ExposureOS user's email address.
The report will be sent to the Vulcan Cyber ExposureOS user email address.
Important: If you don't get the email, we suggest checking the spam folder, as there is a possibility that the email containing the report might end up there. If you find the email in the spam folder, please mark it as 'Not Spam' to ensure that you receive future reports smoothly.
PDF Example
Report Scheduler (Schedule Report Export)
The Report Scheduler automates the generation and delivery of reports in a PDF format. Instead of manually creating and distributing reports, the report scheduler lets you define a schedule and recipients, allowing the platform to automatically generate and send reports to relevant stakeholders.
Select the frequency for generating automatic reports (Daily, Weekly, or Monthly). The Vulcan Cyber ExposureOS platform emails the scheduled reports as follows:
Daily: At 07:30 UTC
Weekly: Every Monday, at 07:30 UTC.
Monthly: First day of the month, at 07:30 UTC.
Set the regular recipients of the report out of the existing Vulcan Cyber ExposureOS users list. Only the recipients selected will receive the reports.
Important: If the recipient doesn't get the email, we suggest checking the spam folder, as there is a possibility that the email containing the report might end up there. If the email is in the spam folder, mark it as 'Not Spam' to ensure receiving future reports smoothly.
Note: You can always edit or delete schedules.
Tooltips
Hover over a widget and click the question mark symbol to learn about the widget.
Cross-Filters
Select a data point of value in one visual to cross-filter the rest of the visuals. The related data in the visuals will remain, while the unrelated data will disappear.
Data Drilling
Data drilling is a capability that takes you from a more general view of the data to a more specific one. Simply use the up-down arrows available on the relevant widgets or hover over a data point and right-click to see the data drilling options available.
Note: Not every visual has the drill-down option.
Sort visuals and tables
You can change the sort of a visual or a table to focus on a different aspect or discover new insights. You can also sort alphabetically, numerically, descending, or ascending.
Filters
Apply filters to focus on more specific data. By applying multiple filters, you hide irrelevant data and focus on only what matters to you most.
Filter an entire report page: Use the available filters on the right Filters pane to impact the entire report.
Note: Some filters are common to all reports, and some are enabled only for specific reports.Filter a specific visual/widget: Select a specific visual/widget in the report, then use the filters pane on the right to apply the filters only on the selected visual.
The Period filter
To better analyze your cyber-security status and progress, use the Period filter to compare two pre-defined periods. For example, you can compare the last 30 days with the 30 days before.
You can select to compare the Last 7 Days, Last 30 Days, Last 60 Days, Last 90 Days, and Last Month (e.g., August vs. July).
When selecting a comparison period, the trends and data on the page adjust to show you the current and most relevant data compared to the previously selected date.
Positive change is indicated with the percentage without any prefixes.
Negative changes are indicated with a minus (-)
For example, the Security Posture Rating below shows 88.7%, and the % change from the last period is 0.10% in SPR (positive change).
In the example below, the SPR percentage in the 90 days between 05/30/2023 and 08/27/2023 is 0.10% higher than in the period between 03/01/2023 and 05/29/2023. This means your SPR percentage has increased.
Business Group filter
This is one of the most important filters you'll use. Use the Business Groups filter to present data on a specific Business Group (or more) that interests you most or has the highest impact. This filter exists across the Vulcan Cyber ExposureOS Reports, helping you narrow your data and focus on what matters.
Asset Tags Filter
Users can designate an asset tag as a filter within the reports section by flagging it with the option "Use as a Filter in Analytics."
Universal report availability: Filtering reports by Asset Tags is available across all reports in the Vulcan Cyber ExposureOS platform, ensuring comprehensive applicability.
Efficient integration flow: Once a tag is marked for use in reports (analytics), it will be integrated into the reporting system within the next reports (analytics) build cycle, which takes up to 24 hours. This ensures a seamless and timely addition of new filters into the system.
Enhanced dashboard interactivity: Both widgets and dashboards can be filtered by specific tags, allowing users to see the impact of individual tags.
Real-time impact analysis: By filtering dashboards and widgets with specific asset tags, users can gain immediate insights into how particular tags influence their security posture. This feature helps users make more accurate decisions based on the specific characteristics and implications of each tag.
SLA Filter
This filter allows you to swiftly identify and segregate assets by their SLA compliance status. It addresses the challenge of manually tracking and ensuring SLA compliance for high and critical vulnerabilities across different business groups and assets, specifically focusing on those with high and critical vulnerabilities.
Business group specifics: View the number of assets within each business group alongside a detailed breakdown of those not meeting SLA requirements, offering a clear picture of compliance and areas needing attention.
Enhanced decision-making: Gain immediate access to critical data points, such as the percentage of SLA-compliant assets, enabling informed decisions and targeted remediation strategies.
More filters
The following filters can be applied to some key reports:
EPSS (Exploit Prediction Scoring System)
CVSS (Common Vulnerability Scoring System)
Vulnerability Publish Date: This date is sourced from the connector based on when the CVE was published in the cloud. If the publish date is not available, the field will be empty.
Supported Reports: Security Posture Rating, Remediation Performance, Campaign Tracking, SLA Tracking, Threat Intelligence Report, CISO Management Report, PCI Report, Application Security Report, Risk Exception Report, MITRE ATT&CK, End of Life, Top Operational Report.
Self-Service Reports (Analytics)
You can create customized reports (analytics). Learn all about it here.
Reports (Analytics) FAQ and Data Validation
Read our Reports (Analytics) FAQ and Data Validation article here.