At Rapid7, we are always looking to make improvements to provide more value to our customers. We've listened and in Nexpose 5.10, we've redesigned all the charts in the Nexpose user interface to give you information you care about at a quick glance. And better yet, we've made the charts interactive…yes…you can now interact with the charts to filter and drill-down into specific information to perform deeper analysis.
Now let's take a look at each of the new charts and see how they'll help you.
Risk and Assets over Time Chart
The first chart you will notice is on the Nexpose Home page and it tells you if your security program is doing better or worse. Easily be able to see how your risk is trending over time and if you need to make any adjustments.
This new chart shows trends of risk score and number of assets over time. As you increase the number of assets in your environment, you risk can increase too. You can easily see if your risk is growing because you are increasing the number of assets. It's important that as you communicate risk trends you give insights into how your environment is changing.
It shows a year's worth of data by default, if you haven't been using Nexpose for that long the chart will adjust to show only the months applicable. Each point of data on the chart represents a week.
Interaction with Charts
- By using the search filter at the top left of the chart, you can enter the name of a site or asset group to narrow the results that appear in the chart pane to only show data for that specific site or group.
- You can click and drag to select a smaller, specific timeframe to zoom in and view those details. Selecting the Reset/ Zoom button will change the view to the previous settings.
- Hovering your mouse over a point of data will show the date, the risk score and number of assets for the data point.
- Selecting the icon on the top left of the chart window lets the user export and print a chart image.
At the bottom of the Risk and Assets Over Time chart on the Home page there is a table that displays important summary information about your network and critical areas of risk. Each of these table cells is selectable, so you can click and directly view your highest-risk site, asset group, asset or tag by clicking on the table so you can focus and take action for the areas of your network that need it.
Site Summary Page Charts
The next charts you'll notice are on the Site Summary page that help you see trending details as well as identify risky asset outliers.
For the trend chart, the default selection matches the Home page “Risk and Assets Over Time chart”, but only shows you the trends for this site. And additional feature on this page that isn't on the Home page is that you can use the drop down menu to choose to view Vulnerabilities Over Time as another site level trend chart. This will show you the total number of vulnerabilities over time for the site.
Note: The vulnerability trend chart requires us to store vulnerability data differently and you'll be able to see the vulnerability trending going forward after you upgrade to 5.10.
For the “The Assets by Risk and Vulnerabilities” scatter plot chart, you have the ability to easily spot outliers so you can quickly identify assets that put your organization at highest risk. You can take action on these assets by clicking on the dot directly in the chart, then you'll be redirected to the asset details page. From this page you can find out more about the asset, determine where the risk is coming from, and create a targeted remediation report.
Note: The scatter plot shows a maximum of 7,000 assets at the site level. If a site has more than this amount of assets, a bubble chart view first appears. You can refine your view by selecting a bubble and showing the scatter plot for that bubble.
Interaction with Charts
- You can click and drag to view a subset of assets. Selecting the Reset button will change the view to the previous settings.
Pie Charts on the Assets and Vulnerability Pages
The Assets page and Vulnerabilities page have been updated with pie charts so you can see more information about your vulnerability status as well as interact with that data.
On the Assets page, two new pie charts show Assets by Operating System on the left, and Exploitable Assets by Skill Level on the right. The operating system pie chart is a drill-down – meaning you can select an operating system to view a further breakdown of the category selected. For example, if Microsoft is selected for the OS you will then see a listing of all Windows OS versions present, such as Windows Server 2008, Windows Server 2012, etc.
The pie chart on the right shows Exploitable Assets by Skill Level, which is a breakdown of how many of your assets are exploitable by a Novice, Intermediate, or Expert level. Novice level is the easiest to exploit, and the ones you want to pay attention to the most. The same pie chart shows on the Vulnerabilities page, but with the chart representing the Exploitable Vulnerabilities by Skill level instead of Assets.
The Vulnerabilities page also has a pie chart that shows the breakdown of vulnerabilities by CVSS score. CVSS is calculated by metrics related to access complexity, required authentication, and impact on data. The score ranges from 1 to 10, with 10 being the worst.
Trend Charts at the Asset Groups and Asset Level
To view risk over time and vulnerabilities over time for Asset Groups, we have added the same chart that appears on the Home page:
Finally, we have added an Asset trend chart for each specific asset, which gives you the ability to view risk or vulnerabilities over time for a single asset.
Please let us know what you think of the new interactive charts. So far, the feedback has been great, but we are always looking to improve and welcome any feedback you have.
Check out this video for more on the new charts:
Sound off in the comments below!!