About
Vulcan Cyber ExposureOS Self-Service Reports (Analytics) allows you to Customize a Widget to create and personalize widgets according to your unique preferences and control the data you visualize and how you interact with it.
Creating a customized widget
Utilize Vulcan Cyber ExposureOS widget builder to create and personalize visuals quickly.
Go to Reports.
Click on an existing customized report or "Add a Report" to create a new custom report.
Click on an existing custom widget to edit it, or click "Add widgets" to begin designing your new visual.
In the widget builder, select the widget type, title, axis, legend, and tooltips to present the desired information. Example: Choose a bar chart, set the title as "Vulnerabilities Over Time," specify the X-axis as "Months," etc.
Once the widget is configured, click "Create" to add it to the new report.
Widget types
The following widget types are available to use:
Column Chart
Bar Chart
Pie Chart
Line Chart
Area Chart
Card
Multiple Value Card
Clustered Column Chart
Clustered Bar Chart
Scatter Chart
100% Bar chart
100% Column Chart
Building a Table widget
The Vulcan Cyber ExposureOS platform also supports table-formatted widgets, allowing you to organize and display data in a structured table format, directly responding to user requests for more customizable data views.
From the home page dashboard, go to Reports.
Click on Add a Report to start creating a customized report.
Inside your report, select Add widgets to add new data visualizations.
Click on Create new widget to begin configuring your widget.
In the Select widget type dropdown, choose Table.
Customize Your Widget:
Add the desired Columns and Measures to organize your data. You can customize these to match the data you want to display in a tabular format.
View and Export Data:
Once the widget is created, view the data in table format directly within the platform. If needed, you can export the table as an Excel file for further use.
Customization options
For each widget you build, you need to grant it a name, write an indicative description (optional), select the visual type, and define the fields (x and y axis). You can customize the following:
Category (X-Axis) organizes data points.
Values (Y-Axis) represent the actual measurements.
Legend explains different elements or data series.
Tooltip offers supplementary information when hovering over data points.
Category (x-axis)
The categories on the x-axis refer to distinct items being compared or displayed in the graph.
For example, in a Line Chart comparing MTTR data of External Facing Assets across different Months, the months would be the categories on the x-axis.
X-axis option | Description |
Day | Presents data per day |
Month | Presents data per month |
Quarter | Presents data per quarter |
Asset Type | Presents data by asset type (Host, Code Project, Image, Cloud Resource) |
Risk Level | Presents data by Risk Level (Critical, High, Medium, Low) |
Business Group | Presents data per business group. |
Ownership | Presents data per Dynamic tag. |
External Facing | Presents data per external facing asset. |
Discovery Age | Show data by the discovery age of vulnerabilities in days (<30d, 30d-60d, 60d-90d, >90d) |
Values (y-axis)
The values, represented on the y-axis, correspond to the data points or measurements in the graph. The y-axis represents the scale or numerical range against which these values are plotted.
For example, in a Column Chart showing Assets by Type (x-axis), the y-axis can indicate the SLA-Compoliancy for each category on the x-axis.
Y-axis option | Description |
SPR | SPR threshold (0%-100%).
SPRis the percentage of assets that comply with the security posture policy of the organization. The higher the SPR is, the more compliant your environment is with the organization's security posture. |
Risk Mass | Risk mass is the sum of all the calculated atomic risks of all findings (instances) at a given time. |
Vulnerability Instances | Findings (instances) count. |
Asset SLA Compliance | Percentage of assets compliant with the organizational SLA policy.
The SLA defines the days for a Critical/High/Medium/Low vulnerability to be fixed. Assets compliant with SLA are assets within the time-to-fix range defined in the SLA policy. |
Campaign Coverage | Percentage of the category in the x-axis covered in campaigns (have a remedy campaign/ticket opened for them) |
Assets SLA Exceeding | The count of assets exceeding their SLA policy (past the due date to be fixed as defined in the SLA policy). |
Percentage of Assets SLA Exceeding | The percentage of assets exceeding their SLA. |
Average Vulnerability Age | Show data by the average vulnerability age in days (vulnerability age = the day a vulnerability was first identified on the asset). |
Count of Exception Requests | The number of exception requests opened for the category in the x-axis.
The Vulcan Cyber ExposureOS platform allows organizations to apply their risk-acceptance policy on vulnerabilities. The Exception Request flow in Vulcan Cyber ExposureOS enables users to create exception requests for vulnerabilities received in remediation tickets. |
Vulnerability Instances with Exception Requests | The number of findings (instances) that have an exception request opened for them.
|
MTTR | MTTR (Mean Time To Remediate) is the average time it took to remediate vulnerabilities from when it was identified to when it was remediated.
The lower the MTTR is, the better your organization is doing regarding the time it takes to remediate vulnerabilities. |
Vulnerability Instances approaching SLA | Count of vulnerability instances approaching the SLA due date (~20% to due date). |
Scan Coverage | Percentage of scanned assets. The percentage of scan coverage is calculated this way: |
Count of Scanned Assets | Scanned Assets are assets within your inventory that have undergone the scanning process through the scanner integrated with the Vulcan Cyber ExposureOS platform. |
Count of Unscanned Assets | Unscanned Assets are assets that have been ingested from your inventory connector but have not undergone scanning through your scanner connector. |
Percentage of Unscanned Assets | The percentage of unscanned assets. |
Count of Unique Vulnerabilities | The number of unique vulnerabilities. |
Count of Assets | The total number of assets. |
Average Vulnerability per Asset | The average vulnerability per asset. |
Legend
The legend is a visual guide that explains the meaning of different elements or data series in the graph. Each entry corresponds to a distinct color, pattern, or marker used in the graph.
For example, in a 100% Bar Chart showing the risk mass of vulnerabilities for the different asset types, the legend might explain the distribution of the risk mass across the affected Business Groups.
Legend | Description |
Asset Type | Presents a legend of asset type (Host, Code Project, Image, Cloud Resource) |
Risk Level | Presents a legend of Risk Level (Critical, High, Medium, Low) |
Business Group | Presents a legend of business groups. |
Ownership | Presents a legend of Dynamic tags. |
External Facing | Presents a legend of external facing assets. |
Discovery Age | Presents a legend of the discovery age of vulnerabilities in days (<30d, 30d-60d, 60d-90d, >90d) |
Tooltip
A tooltip is a brief, contextual piece of information that appears when hovering over a specific data point or element in the graph. It provides additional details about that particular data point, helping the viewer understand its significance without cluttering the main graph area. Tooltips help give quick insights and aid in data exploration.
Tooltip option | Description |
SPR | SPR threshold (0%-100%).
SPRis the percentage of assets that comply with the security posture policy of the organization. The higher the SPR is, the more compliant your environment is with the organization's security posture. |
Risk Mass | Risk mass is the sum of all the calculated atomic risks of all findings (instances) at a given time. |
Vulnerability Instances | Findings (instances) count. |
Asset SLA Compliance | Percentage of assets compliant with the organizational SLA policy.
The SLA defines the days for a Critical/High/Medium/Low vulnerability to be fixed. Assets compliant with SLA are assets within the time-to-fix range defined in the SLA policy. |
Campaign Coverage | Percentage of the category in the x-axis covered in campaigns (have a remedy campaign/ticket opened for them) |
Count of Assets SLA Exceeding | Count of assets exceeding their SLA policy (past the due date to be fixed as defined in the SLA policy). |
Percentage of Assets SLA Exceeding | The percentage of assets exceeding their SLA. |
Average Vulnerability Age | Show data by the average vulnerability age in days (vulnerability age = the day a vulnerability was first identified on the asset). |
Count of Exception Requests | The number of exception requests opened for the category in the x-axis.
The Vulcan Cyber ExposureOS platform allows organizations to apply their risk-acceptance policy on vulnerabilities. The Exception Request flow in Vulcan Cyber ExposureOS enables users to create exception requests for vulnerabilities received in remediation tickets. |
Vulnerability Instances with Exception Requests | The number of findings (instances) that have an exception request opened for them.
|
MTTR | MTTR (Mean Time To Remediate) is the average time it had taken to remediate vulnerabilities from when it was identified to when it was remediated.
The lower the MTTR is, the better your organization is doing regarding the time it takes to remediate vulnerabilities. |
Vulnerability Instances approaching SLA | Count of vulnerability instances approaching the SLA due date (~20% to due date). |
Scan Coverage | Percentage of scanned assets. The percentage of scan coverage is calculated this way: |
Count of Scanned Assets | Scanned Assets are assets within your inventory that have undergone the scanning process through the scanner integrated with the Vulcan Cyber ExposureOS platform. |
Count of Unscanned Assets | Unscanned Assets are assets that have been ingested from your inventory connector but have not undergone scanning through your scanner connector. |
Percentage of Unscanned Assets | The percentage of unscanned assets. |
Count of Unique Vulnerabilities | The number of unique vulnerabilities. |
Count of Assets | The total number of assets. |
Average Vulnerabilities per Asset | The average vulnerability per asset. |