Vulnerability Management Dashboard

This Tenable-provided dashboard visualizes actionable insights for your vulnerability management program. Tenable Vulnerability Management updates dashboard data every time you run a scan.

Note: There may be a delay between when a scan completes and when the dashboard data updates while Tenable Vulnerability Management indexes the data.

To access the Vulnerability Management Overview dashboard:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Vulnerability Management.

    The Vulnerability Management Overview dashboard appears.

You can roll over individual items to reveal additional information or click on items to drill down into details behind the data.

Tip: All charts on the Vulnerability Management Overview show New, Active, and Resurfaced vulnerability data. However, the counts or data displayed on each chart may differ for other reasons. For example, the Vulnerability Priority Rating (VPR) widget organizes vulnerabilities by VPR category, but the Vulnerability Trending widget graphs vulnerabilities by CVSS-based severity category. For more information about how severity and VPR metrics compare, see CVSS vs. VPR.

In the Vulnerability Management Overview, you can interact with the following widgets:

Widget Action
Cyber Exposure News Feed

This widget highlights the most recent Tenable blog posts related to exposure incidents.

  • Click on a tile to navigate to the Tenable blog post.

  • Click the or button to collapse or expand the feed.

  • Click the or button to scroll through the tiles.

Statistics

This widget summarizes the highest severity vulnerabilities on for your network during the last 30 days.

  • View a count of your total vulnerabilities and counts for the highest severity vulnerabilities (Critical and High) during the past 30 days.

  • To view a list of vulnerabilities, click one of the counts.

    The Vulnerabilities page appears, filtered by a severity if you selected the Critical or High count. For more information, see View Vulnerabilities by Plugin.

  • View a count of your total licensed assets, your assets discovered during the last 7 days, and your assets discovered during the last and 30 days.

    If necessary, onboard your newly discovered assets.

  • To view a list of assets, click one of the counts.

    The Assets page appears, filtered by a time range if you selected the 7 days or 30 days count. For more information, see View Asset Details in the Assets Plane.

  • View a count of your scans run during the last 90 days and the percentage that succeeded and failed.

    To investigate your failed scans, review your scans with the status Aborted or Canceled. For more information, see View Scans.

  • To export the data in the widget, click the button and select a format.
CISA Alerts AA22-011A and AA22-047A

This widget provides a vulnerability count of risks associated with the CISA Alerts AA22-011A and AA22-047A vulnerabilities that have been identified or mitigated.

  • To view a list of related vulnerabilities by plugin, in the Vulnerabilities column, click one of the tiles.

    The Vulnerabilities page appears with results filtered by vulnerability state. For more information, see View Vulnerabilities by Plugin.

  • To view a list of related vulnerabilities by asset, in the Assets column, click one of the tiles.

    The Vulnerabilities page appears, filtered by vulnerability state. For more information, see View Vulnerabilities by Asset.

  • To export the data in the widget, click the button and select a format.
Vulnerability Priority Rating (VPR)

This widget summarizes the number of vulnerabilities on your network, organized by VPR. For more information, see CVSS vs. VPR.

  • To view a list of vulnerabilities filtered by a VPR range, click one of the tiles.

    The Vulnerabilities page appears, filtered by the range you selected. For more information, see View Vulnerabilities by Plugin.

  • To export the data in the widget, click the button and select a format.
SLA Progress: Vulnerability Age

This widget visualizes vulnerability counts by severity and by compliance with your Service Level Agreements (SLAs). To modify how Tenable Vulnerability Management calculates SLA severity, see General Settings.

  • To view a list of vulnerabilities, click one of the tiles.

    The Vulnerabilities page appears, filtered by severity. For more information, see View Vulnerabilities by Plugin.

  • To export the data in the widget, click the button and select a format.
Vulnerability Trending

This widget shows the cumulative number of Critical, High, Medium, and Low severity vulnerabilities on your network over time. For more information, see CVSS vs. VPR.

  • To show or hide data for a severity, click the boxes in the graph legend.

    The system updates the widget to show or hide the data you selected.

  • To view historical vulnerability count and severity data, roll over a point on the graph.

  • To view a list of current vulnerabilities, click a point on the graph.

    The Vulnerabilities page appears, filtered by the severity you selected and by New, Active, or Resurfaced state. For more information, see View Vulnerabilities by Plugin.

  • To export the data in the widget, click the button and select a format.
Critical and High Exploitable Vulnerabilities

This widget summarizes the number of Critical and High severity vulnerabilities on your network, organized by exploitability characteristic category. A single vulnerability may have multiple exploitability characteristics and count towards multiple categories.

  • To view the counts of your vulnerabilities by decreasing priority, view the categories and counts from left to right.

  • To view a list of vulnerabilities, click one of the bars on the graph.

    The Vulnerabilities page appears, filtered by Critical and High severity and the exploitability characteristic you selected. For more information, see View Vulnerabilities by Plugin.

  • To export the data in the widget, click the button and select a format.
Future Threats: Not Yet Exploitable Vulnerabilities

This widget summarizes the vulnerabilities that are not yet exploitable, determined by their Exploit Code Maturity and Vulnerability Publication Date.

  • To view the counts of your vulnerabilities by decreasing priority, view the categories and counts from upper left to lower right. Tenable recommends addressing vulnerabilities with proof-of-concept before those with no known exploit.

  • To export the data in the widget, click the button and select a format.
Vulnerability Age

This widget summarizes the age of your vulnerabilities (by Vulnerability First Seen date), organized by severity, to help you manage your SLAs. For more information about severity, see CVSS vs. VPR.

  • To view a list of vulnerabilities, click one of the vulnerability counts.

    The Vulnerabilities page appears, filtered by the Vulnerability First Seen date and severity you selected. For more information, see View Vulnerabilities by Plugin.

  • To export the data in the widget, click the button and select a format.