About the Campaign Tracking Report
The Campaign Tracking report provides remediation KPIs such as MTTR (Mean Time to Remediation), average daily remediated/introduced vulnerabilities, and campaign coverage, generating a bigger picture of your organization's remediation workload capacity.
Use the Filters pane on the right to focus your report. Click on a specific data element to filter the entire report or to access more data, and hover over a widget for more actions and info.
Before you dive in
First, ensure you cover the Reports (Analytics) Filters and Data Drilling to learn about the expected behavior of the trends and presented data.
For your reference, you can read all about the Vulcan Campaign here.
KPIs
The Campaign Tracking KPIs are the first and main widgets you encounter when entering the Campaign Tracking report.
What does each KPI represent?
KPI | Description | What to strive for? |
MTTR (days) | "Mean Time To Remediate" is an industry-standard KPI used to refer to remediation progress. In this context, it represents the average time in days it takes to remediate findings (instances). The days count starts when a campaign starts and ends when remediation is completed. | The lower the MTTR, the better your organization's performance is regarding the time it takes to remediate vulnerabilities. |
Campaign Coverage | Percentage of findings (instances) with remediation campaigns. | Strive for a higher percentage as it means more findings (instances) are being covered in active remediation campaigns. |
Open Campaigns | Count of open campaigns. A single campaign can contain more than one ticket/email. | (irrelevant) |
Campaign Actions | Count of actions performed in all campaigns. The minimum count of actions equals the number of open campaigns. A single campaign can contain more than one action (more than one ticket/email). | (irrelevant) |
Let's put the KPI data into some context
Suppose you have 100,000 findings (instances) in the whole environment. You've covered 10,000 findings (instances) in one campaign targeting remediation in production environments. The campaign you opened contains 50 different Jira tickets. In this case, the data would show:
Campaign Coverage: 10% (10,000 out of 100,000 findings (instances))
Open Campaigns: 1
Campaign Actions: 50
Widgets and trends
Cumulative Findings (Instances) Remediation in Campaigns
Count of Total, Fixed, and In Progress findings (instances) in all campaigns. The number of Fixed + In Progress findings (instances) = total count of findings (instances) in all campaigns.
Campaigns by Create Date and Status
Count of campaigns opened vs. closed per month or by date.
Campaign Coverage over time
Percentage of findings (instances) with associated remediation campaigns, over time, by Risk Level. Higher values are better, and High/Critical severity vulnerabilities should have priority.
This is the same graph you have in the Remediation Performance Report. Read about this graph here.
Campaign Actions by Business Group
Count of campaign actions by Business Group.
Campaign Actions by Type
Count of campaign actions by the ticketing system (Jira, Service Now, Azure Boards, Email, etc.).
Campaign due-date Compliance by Business Group
Percentage of tickets that meet their closed-by compliance metric, sorted by Business Group. This can be viewed as a measure of success, with higher values implying a more effective remediation campaign. Due dates are set automatically by the Vulcan Cyber ExposureOS platform when a campaign is created, with that value pushed to the ticketing system (Jira, ServiceNow, etc.).
Overdue Tickets
A list of tickets that have not been closed by the assigned due date. Use the filter on the left to filter by status. Click the Ticket URL to open the actual ticket in the ticketing system.
Campaign MTTR by Business Group
MTTR in days (Mean Time to Remediation) of campaigns by Business Groups, sorted by the highest to lowest. Lower MTTR is better. Business Groups with a Critical / High impact and high MTTR values may require more immediate attention.
Campaign MTTR by Risk Level
MTTR in days (Mean time to remediation) by Risk Level. Lower is better, especially for High and Critical Risk rated vulnerabilities.
Campaign MTTR by Asset Type
MTTR in days (Mean time to remediation) by Asset type. The number next to each asset type represents the mean time in days that it takes to remediate vulnerabilities attached to assets of this type.
Reports (Analytics) FAQ and Data Validation
Read our Reports (Analytics) FAQ and Data Validation article here.