This feature is available to all users with a Pro, Premium or Vanguard plan.
What is it?
Unlike your dashboard (which is a snapshot of your security posture now), the Analytics page tracks your exposure over time and showcases how well your team have performed in any given date range.
Filters
You can filter by tag or target
Specify the date range (if you choose three months, the 'previous period' will be the three months prior to that).
You can also toggle between grouping by issue or occurrence (though, please note some widgets are bound to occurrences).
The widgets explained
Issues
Open Issues
What: The number of issues that were open on the last day of the selected time period.
Why: So you can spot trends. For example: If you have more open issues this quarter, than you did last – your team might be under-resourced; and if you have fewer this month than you did last month – whatever you have in place appears to be working well.
New Issues
What: The total number of issues that were detected during the time period specified and not present in the previous period. (It can include issues that remain open or have since been fixed).
Why: Again, this is to help you spot trends. If the number increases, it might be worth exploring whether your attack surface has expanded (perhaps unintentionally) or whether there is a shortfall in your patch management programme.
Fixed Issues
What: The total number of remediated active issues (excluding issues that have been snoozed), either newly found or existing.
Why: Designed to help you monitor you team's performance when it comes to remediation efforts and ensure that you're prioritising based on severity rating.
Days to fix
What: The average number of days between an occurrence being detected to it being fixed – grouped by severity - for the time period specified.
Why: Similar to above, it is designed to help you track team performance and understand if they're prioritising the right vulnerabilities.
Attack Surface
Most vulnerable targets
What: The targets with the most un-remediated occurrences at the end of the selected time period.
Why: Helps you understand which target(s) need immediate attention, so you can prioritise resource.
New services
What: The number of new services discovered during the time period specified.
Why: Helps you understand if your attack surface is growing (whether intentionally or not).
Scanned targets
What: The total number of targets that were scanned during the period, be it one-off scans; scheduled scans; remediations scans or Emerging Threat Scans.
Why: So you can understand how much of your attack surface added to Intruder is being actively scanned.
Monitor performance
Emerging threats
What: The number of emerging threat checks which have been run on your attack surface during the specified period; a breakdown of the severity of the scans, and whether they passed/failed.
Why: Understanding whether you are consistently failing ETS checks, will help you understand your team's performance and whether it's improving or worsening.
When: You click on All clear it takes you through to the ETS page, filtered by the date range.
Days between scans
What: The total number of assessments run and the average (mean) interval between them, for the date range specified.
Why: Understanding how often you're scanning your attack surface (the more frequent the better!)
When: You click on View scans it takes you through to scans page, filtered by the same dates.
Cyber hygiene
What: Your cyber hygiene score at the end of the current period, compared to your cyber hygiene score at the end of the previous period.
Why: A high-touch snapshot of your team's commitment to safeguarding your attack surface over time.