Skip to main content
Widget Customization

Learn about customizing a widget in Self-Service Reports (Analytics)

Updated yesterday

About

Vulcan Cyber ExposureOS Self-Service Reports (Analytics) allows you to Customize a Widget to create and personalize widgets according to your unique preferences and control the data you visualize and how you interact with it.


Creating a customized widget

Utilize Vulcan Cyber ExposureOS widget builder to create and personalize visuals quickly.

  1. Go to Reports.

  2. Click on an existing customized report or "Add a Report" to create a new custom report.

  3. Click on an existing custom widget to edit it, or click "Add widgets" to begin designing your new visual.

  4. In the widget builder, select the widget type, title, axis, legend, and tooltips to present the desired information. Example: Choose a bar chart, set the title as "Vulnerabilities Over Time," specify the X-axis as "Months," etc.

  5. Once the widget is configured, click "Create" to add it to the new report.


Widget types

The following widget types are available to use:

  • Column Chart

  • Bar Chart

  • Pie Chart

  • Line Chart

  • Area Chart

  • Card

  • Multiple Value Card

  • Clustered Column Chart

  • Clustered Bar Chart

  • Scatter Chart

  • 100% Bar chart

  • 100% Column Chart

Building a Table widget

The Vulcan Cyber ExposureOS platform also supports table-formatted widgets, allowing you to organize and display data in a structured table format, directly responding to user requests for more customizable data views.

  1. From the home page dashboard, go to Reports.

  2. Click on Add a Report to start creating a customized report.

  3. Inside your report, select Add widgets to add new data visualizations.

  4. Click on Create new widget to begin configuring your widget.

  5. In the Select widget type dropdown, choose Table.

  6. Customize Your Widget:

    • Add the desired Columns and Measures to organize your data. You can customize these to match the data you want to display in a tabular format.

  7. View and Export Data:

    • Once the widget is created, view the data in table format directly within the platform. If needed, you can export the table as an Excel file for further use.

Customization options

For each widget you build, you need to grant it a name, write an indicative description (optional), select the visual type, and define the fields (x and y axis). You can customize the following:

Category (x-axis)

The categories on the x-axis refer to distinct items being compared or displayed in the graph.

For example, in a Line Chart comparing MTTR data of External Facing Assets across different Months, the months would be the categories on the x-axis.

X-axis option

Description

Day

Presents data per day

Month

Presents data per month

Quarter

Presents data per quarter

Asset Type

Presents data by asset type (Host, Code Project, Image, Cloud Resource)

Risk Level

Presents data by Risk Level (Critical, High, Medium, Low)

Business Group

Presents data per business group.

A Business Group is a collection of assets representing a Business Unit in your organization.

Ownership

Presents data per Dynamic tag.

Ownership represents and indicates asset(s) owner(s).

External Facing

Presents data per external facing asset.

An external-facing asset is an asset that can be accessed from outside the organization. For example, it can be open to the internet, providing content to anonymous users, internal employees, and business partners. Such assets are tagged with an External Facing tag.

Discovery Age

Show data by the discovery age of vulnerabilities in days (<30d, 30d-60d, 60d-90d, >90d)

Values (y-axis)

The values, represented on the y-axis, correspond to the data points or measurements in the graph. The y-axis represents the scale or numerical range against which these values are plotted.

For example, in a Column Chart showing Assets by Type (x-axis), the y-axis can indicate the SLA-Compoliancy for each category on the x-axis.

Y-axis option

Description

SPR

SPR threshold (0%-100%).

SPRis the percentage of assets that comply with the security posture policy of the organization. The higher the SPR is, the more compliant your environment is with the organization's security posture.

Risk Mass

Risk mass is the sum of all the calculated atomic risks of all findings (instances) at a given time.

Vulnerability Instances

Findings (instances) count.

Asset SLA Compliance

Percentage of assets compliant with the organizational SLA policy.

The SLA defines the days for a Critical/High/Medium/Low vulnerability to be fixed. Assets compliant with SLA are assets within the time-to-fix range defined in the SLA policy.

Campaign Coverage

Percentage of the category in the x-axis covered in campaigns (have a remedy campaign/ticket opened for them)

Assets SLA Exceeding

The count of assets exceeding their SLA policy (past the due date to be fixed as defined in the SLA policy).

Percentage of Assets SLA Exceeding

The percentage of assets exceeding their SLA.

Average Vulnerability Age

Show data by the average vulnerability age in days (vulnerability age = the day a vulnerability was first identified on the asset).

Count of Exception Requests

The number of exception requests opened for the category in the x-axis.

The Vulcan Cyber ExposureOS platform allows organizations to apply their risk-acceptance policy on vulnerabilities. The Exception Request flow in Vulcan Cyber ExposureOS enables users to create exception requests for vulnerabilities received in remediation tickets.

Vulnerability Instances with Exception Requests

The number of findings (instances) that have an exception request opened for them.

MTTR

MTTR (Mean Time To Remediate) is the average time it took to remediate vulnerabilities from when it was identified to when it was remediated.

The lower the MTTR is, the better your organization is doing regarding the time it takes to remediate vulnerabilities.

Vulnerability Instances approaching SLA

Count of vulnerability instances approaching the SLA due date (~20% to due date).

Scan Coverage

Percentage of scanned assets.

The percentage of scan coverage is calculated this way:
[# of Unscanned Assets] / [# of All Assets]

Count of Scanned Assets

Scanned Assets are assets within your inventory that have undergone the scanning process through the scanner integrated with the Vulcan Cyber ExposureOS platform.

Count of Unscanned Assets

Unscanned Assets are assets that have been ingested from your inventory connector but have not undergone scanning through your scanner connector.

Percentage of Unscanned Assets

The percentage of unscanned assets.

Count of Unique Vulnerabilities

The number of unique vulnerabilities.

Count of Assets

The total number of assets.

Average Vulnerability per Asset

The average vulnerability per asset.

Legend

The legend is a visual guide that explains the meaning of different elements or data series in the graph. Each entry corresponds to a distinct color, pattern, or marker used in the graph.

For example, in a 100% Bar Chart showing the risk mass of vulnerabilities for the different asset types, the legend might explain the distribution of the risk mass across the affected Business Groups.

Legend

Description

Asset Type

Presents a legend of asset type (Host, Code Project, Image, Cloud Resource)

Risk Level

Presents a legend of Risk Level (Critical, High, Medium, Low)

Business Group

Presents a legend of business groups.

A Business Group is a collection of assets representing a Business Unit in your organization.

Ownership

Presents a legend of Dynamic tags.

Ownership represents and indicates asset(s) owner(s).

External Facing

Presents a legend of external facing assets.

An external-facing asset is an asset that can be accessed from outside the organization. For example, it can be open to the internet, providing content to anonymous users, internal employees, and business partners. Such assets are tagged with an External Facing tag.

Discovery Age

Presents a legend of the discovery age of vulnerabilities in days (<30d, 30d-60d, 60d-90d, >90d)

Tooltip

A tooltip is a brief, contextual piece of information that appears when hovering over a specific data point or element in the graph. It provides additional details about that particular data point, helping the viewer understand its significance without cluttering the main graph area. Tooltips help give quick insights and aid in data exploration.

Tooltip option

Description

SPR

SPR threshold (0%-100%).

SPRis the percentage of assets that comply with the security posture policy of the organization. The higher the SPR is, the more compliant your environment is with the organization's security posture.

Risk Mass

Risk mass is the sum of all the calculated atomic risks of all findings (instances) at a given time.

Vulnerability Instances

Findings (instances) count.

Asset SLA Compliance

Percentage of assets compliant with the organizational SLA policy.

The SLA defines the days for a Critical/High/Medium/Low vulnerability to be fixed. Assets compliant with SLA are assets within the time-to-fix range defined in the SLA policy.

Campaign Coverage

Percentage of the category in the x-axis covered in campaigns (have a remedy campaign/ticket opened for them)

Count of Assets SLA Exceeding

Count of assets exceeding their SLA policy (past the due date to be fixed as defined in the SLA policy).

Percentage of Assets SLA Exceeding

The percentage of assets exceeding their SLA.

Average Vulnerability Age

Show data by the average vulnerability age in days (vulnerability age = the day a vulnerability was first identified on the asset).

Count of Exception Requests

The number of exception requests opened for the category in the x-axis.

The Vulcan Cyber ExposureOS platform allows organizations to apply their risk-acceptance policy on vulnerabilities. The Exception Request flow in Vulcan Cyber ExposureOS enables users to create exception requests for vulnerabilities received in remediation tickets.

Vulnerability Instances with Exception Requests

The number of findings (instances) that have an exception request opened for them.

MTTR

MTTR (Mean Time To Remediate) is the average time it had taken to remediate vulnerabilities from when it was identified to when it was remediated.

The lower the MTTR is, the better your organization is doing regarding the time it takes to remediate vulnerabilities.

Vulnerability Instances approaching SLA

Count of vulnerability instances approaching the SLA due date (~20% to due date).

Scan Coverage

Percentage of scanned assets.

The percentage of scan coverage is calculated this way:
[# of Unscanned Assets] / [# of All Assets]

Count of Scanned Assets

Scanned Assets are assets within your inventory that have undergone the scanning process through the scanner integrated with the Vulcan Cyber ExposureOS platform.

Count of Unscanned Assets

Unscanned Assets are assets that have been ingested from your inventory connector but have not undergone scanning through your scanner connector.

Percentage of Unscanned Assets

The percentage of unscanned assets.

Count of Unique Vulnerabilities

The number of unique vulnerabilities.

Count of Assets

The total number of assets.

Average Vulnerabilities per Asset

The average vulnerability per asset.

Did this answer your question?