The Remediation Performance report presents remediation KPIs such as MTTR (Mean Time to Remediation), average daily remediated/introduced vulnerabilities, campaign coverage stats, remediation across business groups, MTTR stats, and more. The report generates a wide perspective on the remediation workload capacity in your organization so you can better evaluate and estimate your remediation pace and performance. Use the "Filters" pane on the right to focus your report, click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info.

First, make sure you cover the Reports (Analytics) Filters and Data Drilling to learn about the expected behavior of the trends and presented data.

The Remediation KPIs are the first and main widgets you encounter when entering the Remediation Performance report.

What does each KPI represent?

Percentage of findings (instances) with remediation campaigns over time by Risk Level. You should strive to have Critical/High-risk vulnerabilities in remediation campaigns.

Using the "Has Campaign" filter

We've also added a special filter called "Has Campaign" to help you view data only on findings (instances) covered by campaigns. In the example below, we use the "Has Campaign" filter and the Risk Level filter to show valuable data, such as MTTR, only on High Risk Level findings (instances) covered by campaigns.

Count of average daily remediation by business groups and how their rank shifts (Current vs. Previous Rank). The more remediations done on findings (instances) in a Business Group, the higher the rank climbs for that Business Group.

Strive for a higher remediation count for the Business Groups with the most critical impact.

"Mean Time To Remediate" is an industry-standard KPI used to refer to remediation progress. In this context, it represents the average time in days it takes to remediate findings (instances) per Business Group. The days count starts when the vulnerability is "first seen" in Vulcan Cyber ExposureOS, and sometimes the in the connector when we receive this data, and ends when remediation is completed.

The lower the MTTR, the better the Business Group is doing regarding the time it takes to remediate vulnerabilities. High MTTR indicates that the findings (instances) in this Business Group take the most time to remediate.

Track the Mean Time to Remediate (MTTR) in days over time, illustrating how remediation speed changes during the selected period. A downward trend reflects faster remediation efforts, while an upward trend may indicate delays in addressing vulnerabilities. You can use the data-drilling buttons to drill up and down.

Mean Time to Remediate (MTTR) is a key industry KPI that measures the average number of days it takes to remediate findings (instances). This trend breaks down MTTR by risk level (None, Low, Medium, High, and Critical), with the countdown starting when a vulnerability is 'first seen' in Vulcan, or in the connector if available, and ending when remediation is completed. A lower MTTR at each risk level reflects faster remediation efforts, while higher MTTR highlights areas where vulnerabilities at that risk level take longer to remediate (fix).

Tip: Click on a severity level to present more focused data across the other MTTRs.

MTTR by Risk (focused view).

Track how the Mean Time to Remediate (MTTR) in days evolves over time, highlighting changes in remediation speed during the selected period. A downward trend reflects faster remediation efforts, while an upward trend may indicate delays in addressing vulnerabilities.

An insight into the difference in Mean Time to Remediate (MTTR) between findings (instances) with campaigns and those without. Campaigns help lower the organization's MTTR and significantly accelerate remediation efforts.

Count of newly introduced findings (instances) (i.e., newly identified by the Vulcan Cyber ExposureOS platform) vs. remediated findings (instances) with and without campaigns. The delta between newly introduced and remediated vulnerabilities shows the remediation program's capacity versus its workload. If there are consistently more new campaigns than remediated, the workload exceeds the available capacity.

Percentage of remediation capacity (Remediated / Introduced = capacity) per Risk Level. The percentage shows the remediation program's capacity dedicated to each risk level.

Percentage of remediation capacity (Remediated / Introduced = capacity) per Asset Type. The percentage shows the remediation program's capacity dedicated to each asset type.

Read our Reports (Analytics) FAQ and Data Validation article here.