Vulnerability Management Overview (Explore)

The Vulnerability Management Overview (Explore) dashboard provides executive management with a summary of risk information at a glance, while enabling security analysts to drill down into technical details by clicking on the widgets. Tenable Vulnerability Management updates the dashboard data each time you run a scan.

Note: There may be a delay between the time when a scan completes and when the dashboard data updates while Tenable Vulnerability Management indexes the data.

Hovering over individual items reveals a data summary that you can click to drill down for further details.

In the Vulnerability Management Overview (Explore), you can interact with the following widgets:

Widget Action
Cyber Exposure News Feed

This widget highlights the most recent Tenable blog posts related to exposure incidents.

  • Click on a tile to navigate to the Tenable blog post.

  • Click the corresponding button to collapse or expand the feed.

  • Use the scroll buttons to move through the tiles.

Severity Statistics by Source

The widget provides a count of vulnerabilities collected through multiple sources: Tenable Nessus scans and Tenable Nessus Agents. The numbers displayed in this widget use severity to determine the precedence of vulnerabilities to mitigate.

  • To view the list of assets for a specific category, click on the summary information in the relevant category.

    The Findings page appears with details about the assets detected for the category.

  • To export the data in the widget, click the button and select a format.

Tenable Research Advisory

This widget provides two indicators for current major threats discovered by Tenable Research. The red indicator signifies the presence of the relevant vulnerabilities, while the green indicator is enabled when these vulnerabilities are patched.

  • Click on the tiles to display a Findings page with details about the assets detected for Missing Patches and Applied Patches.

  • To export the data in the widget, click the button and select a format.

Vulnerability Priority Rating (VPR)

This widget displays vulnerabilities grouped by Vulnerability Priority Rating (VPR). VPR is the output of Tenable's predictive prioritization process, which is continually updated to accommodate the evolving threat landscape.

Following the initial scan of an asset on the network, Tenable computes an initial VPR using a machine-learning algorithm that analyzes more than 150 different aspects of each vulnerability to determine the level of risk. Vulnerabilities listed on the left have the highest VPR, while those on the right have the lowest. For more information, see CVSS vs. VPR.

  • To view the asset details detected in a specific range, click on a VPR range.

    The Findings page appears with details about the assets detected in the selected range.

  • To export the data in the widget, click the button and select a format.

SLA Progress: Vulnerability Age

This widget helps organizations manage Service Level Agreements (SLAs) by providing a vulnerability view organized by Vulnerability Priority Rating (VPR) Score and Vulnerability Age.

Tenable calculates the vulnerabilities that do not meet SLAs using a date filter for within the last X days. The vulnerabilities that meet SLAs use a date filter for older than X days.

When you apply default SLA settings:

  • Critical: row uses VPR greater than 9.0.

  • High: row uses VPR between 7.0-8.9.

  • Medium: row uses VPR between 4.0-6.9.

  • Low: row uses VPR between 0-3.9.

To know how Tenable Vulnerability Management calculates SLA severity, see General Settings.

  • To view the list of assets detected for a specific category, click on the summary information under the SLA categories.

    The Findings page appears with details about the assets.

  • To export the data in the widget, click the button and select a format.

Critical and High Exploitable Vulnerabilities

This widget focuses on the most severe current threats, critical and high exploitable vulnerabilities, to help prioritize remediation. Each bar represents vulnerabilities grouped by an exploitability characteristic.

  • Exploited by Malware: Vulnerabilities that can be exploited by malicious software, such as viruses, worms, spyware, adware, and ransomware.

  • Remotely Exploitable (Low Complexity): Vulnerabilities that can easily be exploited remotely and require little skill or information gathering to exploit.

  • Locally Exploitable (Low Complexity): Vulnerabilities that can easily be exploited with local access and require little skill or information gathering to exploit.

  • Exploited by Framework (Metasploit): Vulnerabilities with publicly available exploit code that has been imported into exploit frameworks such as Metasploit. These common frameworks are easily accessible and are used by both security researchers and malicious attackers.

  • Remotely Exploitable (High Complexity): Vulnerabilities that can be exploited remotely, but require a high degree of skill and information gathering to exploit.

Note: These groupings are not mutually exclusive, as a single vulnerability can fall into multiple exploitability categories. Tenable recommends prioritizing remediation starting with vulnerabilities in the left-most column, Exploited by Malware.

  • To view details about assets for a specific category, click one of the bars on the graph.

    The Findings page appears with details about assets detected for the category.

  • To export the data in the widget, click the button and select a format.
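
The counting behind this widget, as an added Python example (not Tenable's code or export schema): because the groups are not mutually exclusive, the bars add up to more than the number of unique findings, so a remediation queue should list each finding once, ranked by the left-most group it belongs to. The field names and sample findings are constructed, and the left-to-right bar order is assumed to follow the list above.

```python
from collections import Counter

# Bar order as listed above; assumed to match the widget's left-to-right order.
BARS = [
    "Exploited by Malware",
    "Remotely Exploitable (Low Complexity)",
    "Locally Exploitable (Low Complexity)",
    "Exploited by Framework (Metasploit)",
    "Remotely Exploitable (High Complexity)",
]
RANK = {name: i for i, name in enumerate(BARS)}

# Constructed sample findings; field names are hypothetical, not Tenable's export schema.
FINDINGS = [
    {"id": "F-1", "asset": "db01", "severity": "high",
     "groups": {"Locally Exploitable (Low Complexity)"}},
    {"id": "F-2", "asset": "web02", "severity": "high",
     "groups": {"Remotely Exploitable (High Complexity)",
                "Exploited by Framework (Metasploit)"}},
    {"id": "F-3", "asset": "web01", "severity": "critical",
     "groups": {"Exploited by Malware", "Remotely Exploitable (Low Complexity)",
                "Exploited by Framework (Metasploit)"}},
    {"id": "F-4", "asset": "hr-pc", "severity": "medium",  # below high: out of scope
     "groups": {"Exploited by Malware"}},
    {"id": "F-5", "asset": "app01", "severity": "critical", "groups": set()},  # no group
]

def in_scope(f):
    """Critical or high severity (assumed filter) and in at least one listed group."""
    return f["severity"] in ("critical", "high") and any(g in RANK for g in f["groups"])

def bar_counts(findings):
    """Per-bar totals; a finding is counted once in every group it belongs to."""
    counts = Counter({name: 0 for name in BARS})
    for f in filter(in_scope, findings):
        counts.update(g for g in f["groups"] if g in RANK)
    return dict(counts)

def remediation_order(findings):
    """Each in-scope finding once, ordered by the left-most bar it appears in."""
    scoped = [f for f in findings if in_scope(f)]
    key = lambda f: (min(RANK[g] for g in f["groups"] if g in RANK), f["id"])
    return [f["id"] for f in sorted(scoped, key=key)]

if __name__ == "__main__":
    counts = bar_counts(FINDINGS)
    print(counts)
    print(sum(counts.values()), "bar entries for", len(remediation_order(FINDINGS)), "findings")
    print(remediation_order(FINDINGS))
```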

Future Threats: Not Yet Exploitable Vulnerabilities

This widget provides a view of vulnerabilities based on exploit code maturity and vulnerability publication date. The columns display counts of published vulnerabilities within the specified time period present in the organization. The rows display the exploit code maturity, where Proof of Concept is more serious than Unproven Exploit.

  • To view the list of assets for a specific category, click on the counts under the Published categories.

    The Findings page appears with details about the assets detected for the category.

Tip: Tenable recommends addressing vulnerabilities with a proof-of-concept exploit before those with no known exploit.

  • To export the data in the widget, click the button and select a format.

Scan Health

This widget provides a summary of scan health in relation to authentication success and failures. The five columns display asset counts related to:

  • Authentication Success - Scans authenticate successfully with full administrator/root privileges. Scan results are the most comprehensive.

  • Success but Insufficient Access - Scans authenticate successfully, but do not have privileged access. Scan results are limited to the scope of a local non-privileged user.

  • Success but Intermittent Failure - Scan credentials intermittently fail, which results from session rate limits, session concurrency limits, or other issues preventing consistent authentication success.

  • Authentication Failure (Credentials) - Incorrect credentials provided.

  • To view the list of assets that fall in a specific category, click the required category.

    The Findings page appears with details about assets detected for the category.

  • To export the data in the widget, click the button and select a format.

Vulnerability Age: Managing SLAs

This widget provides a view of vulnerabilities based on severity and age. The columns display counts of published vulnerabilities within the specified time period present in the organization. The rows display the severity level of the vulnerability.

  • To view asset details for a specific category, click the vulnerability count in the required category.

    The Findings page appears with details about assets detected for the category.

  • To export the data in the widget, click the button and select a format.