Dashboard
The CISO Dashboard presents key security metrics as statistics within a structured reporting framework. The dashboard is predominantly static, but users can hover over chart elements, such as Score Trend and Change over Time, to see snapshot information for the specific recorded moment in time.
Exposure Score
The Exposure Score serves as a comprehensive indicator of an organization's overall exposure level. A higher score correlates with increased exposure and signifies a less favorable security posture for the organization. This score is derived from the amalgamation of the Threat Exposure, Defense Surface, and Asset Exposure scores. Notably, the score is constrained within a range of 0 to 1000, providing a standardized metric for evaluating and benchmarking security resilience.
Threat Exposure
The Threat Exposure Score, ranging from 0 to 1000, quantifies the inherent risk an organization faces from adversarial activities. A higher score denotes greater overall threat exposure and risk for the organization. This metric is based on the organization's Threat Profile and Interpres' comprehensive threat intelligence. Consequently, a large enterprise operating across multiple countries in a high-risk industry sector typically has a higher score than a smaller entity operating in a low-risk sector. Nevertheless, the variance in this score among organizations is limited, because many adversaries' campaigns target a broad spectrum of entities.
Of the three constituent scores comprising the Exposure Score, the Threat Exposure Score exhibits the least variability. Modifying this score is challenging, barring measures such as curtailing platform usage, restricting operational jurisdictions, and regulating data collection practices. Nonetheless, the score may undergo gradual changes over time as adversarial threat groups pivot towards different industry sectors, countries, data categories, or platforms.
Defense Surface
The Defense Surface Score, ranging from 0 to 1000, reflects an organization's defensive capabilities against prioritized threats. Unlike other metrics, a higher Defense Surface Score signifies enhanced resilience. This score is augmented by known detections, current visibility, and active controls, sourced from an organization's integrated systems and manually uploaded data.
The Defense Surface offers users real-time insights, dynamically adjusting based on installed and active integrations within their profile. To expedite score improvement, users should prioritize actions recommended for enhancing detection, visibility, and control measures.
Asset Exposure
The Asset Exposure Score, ranging from 0 to 1000, serves as an indicator of an organization's asset vulnerability. It supplies users with a comprehensive overview, including a link to the log list of Vulnerable Assets, a breakdown of Platform vulnerabilities, and a "Top 5" CVE list, detailing severity and the count of affected assets per CVE (if multiple are pertinent).
Primarily driven by the quantity and severity of actively exploited vulnerabilities across an organization's assets, this score exhibits frequent fluctuations. Maintaining a low score necessitates robust patch management practices within the organization.
Score Trend
The Score Trend feature presents a dynamic chart illustrating logged data spanning the preceding 90 days, approximately equivalent to a three-month period. When users hover over the "X" axis, they receive a daily popup containing pertinent information regarding:
- Asset Exposure
- Exposure Score
- Defense Surface
- Threat Exposure
Activity Feed
The Interpres Activity Feed provides users with a near real-time stream of updates pertaining to alterations in security products within their environment, alongside newly introduced content from Interpres or other reputable sources (e.g., MITRE ATT&CK™).
Prioritized Technique Content
Prioritization and color categorization are determined by Coverage values across various MITRE ATT&CK™ categories, including but not limited to:
- Execution
- Command and Control
- Initial Access
- Persistence
- Credential Access
- Defense Evasion
- Privilege Escalation
- Collection
- Discovery
Additionally, upon hovering over each block within the interface, users are presented with the associated Technique along with its corresponding score. Furthermore, clicking on a specific block provides a dynamic link to the associated Technique Details window for further exploration.