Assurance Report Card Options

You can configure the following options for Assurance Report Cards (ARCs). For more information, see Assurance Report Cards.

Assurance Report Card Options

Option Description

General

Name

The name of the ARC.

Description

(Optional) A description for the ARC.

Schedule

Specifies how often the ARC polls data sources to obtain updates.

  • Daily (default) — The ARC polls data sources every 1-20 days at the specified time.

  • Weekly — The ARC polls data sources every 1-20 weeks at the specified time and day of the week.

  • Monthly — The ARC polls data sources every 1-20 months at the specified time and day of the month.

For example, Every 2 months on the fourth Thursday at 15:00 -4:00 indicates the ARC will poll data sources to obtain updates every two months, on the fourth Thursday of the month, at 15:00 in the America/New York timezone.

Policy Statements

Add Policy Statement Click to add a custom policy statement to the ARC. For more information, see Policy Statement Options.

Focus

Targets

Specifies the target hosts for the ARC to analyze:

  • All Systems — Targets all available hosts.

  • Assets — Targets the specified assets. For more information, see Assets.

    Tip: Use NOT, OR, and AND operators to exclude unwanted assets from the view.

  • IPs — Targets the specified IP addresses. You can specify single addresses, IP addresses in CIDR notation, and IP ranges.

  • Repositories — Targets the specified repositories. For more information, see Repositories.

If you want to match the specified assets or IP addresses against one or more repositories, select the repositories you want to match against.

Note: If an IP address you specified appears in two or more repositories you selected, the duplicated IP address negatively skews the ARC results.

Policy Statement Options

Option Description

Basic

Statement

Specifies pass/fail criteria for the policy statement.

Display

Specifies how the ARC displays the policy statement: Ratio (x/y), Percentage (%), or Compliant/Non-Compliant.

Advanced

Data Type

The type of data you want the ARC to analyze: Vulnerabilities or Events.

Base Filters

The filters used as the basis for data analysis.

Compliant Filters

The filters used to determine the compliance conditions for the data analysis. For more information, see Vulnerability Analysis and Event Analysis.

Note:  Filters set in Base Filters are not present in Compliant Filters, with exception of the Assets and Plugin IDs. All filters set in Base Filters are carried over into Compliant Filters.

Compliant Condition

Specifies the conditions to match for determining compliance. For more information, see Vulnerability Analysis and Event Analysis.

Specify a quantity: All, No, Any, > (greater than), < (less than), >= (greater than or equal to), and <= (less than or equal to).

Specify hosts: Hosts, Vulnerabilities, and Ports.

Drilldown Filters

The filters to apply when clicking on the ARC policy statement for more details. For more information, see Vulnerability Analysis and Event Analysis.