Understand the Dashboard

Site Header

The site header, located on every page, grants access to some primary Fortra VM features.

1. Product

   Displays the currently engaged Fortra VM product. Those with active subscriptions to Fortra Vulnerability Management and Web Application Scanning can use the drop-down arrow to toggle between each product's interface.

2. Business Group

   All data and accessibility within Fortra VM is filtered according to the selected business group's parameters. Define custom business groups according to your organization's needs and switch between each here in the header. To setup business groups, see Business Groups.

3. Region

   The header will display the engaged region for your Fortra VM product.

4. + New Menu

   Select the New button on the header to see a display of quick actions you can perform from anywhere in Fortra VM. New menu options include selectors to create a new Account, Asset Group, Report, Scan, and User. WAS users will see options in the New menu for creation of a new Web App and Web App Group.

5. Notifications

   Select the envelope icon in the header to see a display of notifications you received. The number of unread notifications will display with the envelope by a red number. To modify notification preferences, including email notifications, see Notifications.

6. User Menu

   When selected, the user menu in the header will open a menu for access to My profile, Manage Notificaitons, Change Password, Hide help, Report an issue, and Sign out.

Navigation Menu

The navigation menu, located on every page, gives you access to Fortra VM tools and features. Each item in the navigation menu will expand when selected to show additional options. The side navigation menu is your primary access point for all features within Fortra VM.

Network Summary

The Network Summary panel provides an overview of the network’s security posture. Each item can be clicked for direct routing to filtered data used to quantify the displayed scores.

Fortra VM Network Summary Components

1. Internal Security GPA

   The weighted average of evaluated assets vulnerable to internal attacks (i.e., inside your network).

2. External Security GPA
   

   The weighted average of evaluated assets vulnerable to external attacks (i.e., outside your network).

3. Assets

   Evaluated assets identified in Fortra VM.

4. Vulnerabilities

   The number of vulnerabilities discovered in your environment.

5. Malware Infections

   The number of new malware infections identified from the last scan.

6. Most Recent Scan

   Time elapsed since the last scan was preformed.

7. New Scanner Checks

   The number of consolidated vulnerability checks (CVCs) newly added to the scanner.

8. Average Threat Rank

   The average rank score attributed to the vulnerabilities found on your network. To learn more about Threat Rank, see Threat Rank™.

9. Average Active Risk Score

   The average of the Active Risk Scores of rated assets and vulnerabilities to define the actual risk exposure. See Active Risk Scores rate assets and vulnerabilities based on client-selected risk profiles to define actual risk exposure. for more details.

WAS Network Summary Components

1. Security GPA

   The weighted average of evaluated web applications vulnerable to attacks.

2. Web Apps

   The number of evaluated web apps.

3. Vulnerabilities

   The number of vulnerabilities discovered in your environment.

4. Most Recent Scan

   Time since the completion of a previous scan.

5. New Scanner Checks

   The number of consolidated vulnerability checks (CVCs) newly added to the scanner.

6. Allotted Web Apps

   The number of web applications currently utilized and allotted on your subscription

Trending Graphs

Trending graphs in the At a Glance dashboard provide additional data about vulnerability age and vulnerability remediation time trends. Only certain trend lines have been selected by default, and this is to highlight specific trends over others. Additionally, cloud statistics are now gathered and included in these graphs.

All Security GPA trending graphs have been modified to include a distinction between Security GPA generated from unauthenticated vulnerabilities only vs Security GPA generated from all vulnerabilities. This distinction extends to graphs in Fortra VM as well as PDF reports.

Trending Security GPA

The Trending Security GPA panel shows the progress in making your environment more secure.

1. Your security GPA before the most recent scan.

2. The Security GPA following the most recent scan.

3. Data sets represented in lines on the trend graph. Each item can be designated to be shown or hidden based on your preference, click each title to show or hide on the graph.

   NOTE: Cloud GPA is an anonymous and broad compilation of client data to help you evaluate how your data compares to other organizations.

4. The graph helps you visualize you data progress over the past yea and how aspects of your network affect your organizations overall Security GPA.

   TIP: Hover over a data point on the graph to see your exact score at a point in time.

Rated Vulnerability Distribution

The Rated Vulnerability Distribution shows you how severe the vulnerabilities in your environment are.

1. The number of vulnerabilities discovered in your environment before the most recent scan.

2. The number of vulnerabilities discovered in your environment following the most recent scan.

3. Vulnerabilities discovered in your environment categorized as follows:

   • Critical - Allows full system access and is easily exploitable.

   • High - Allows full system access but is not easily exploitable.

   • Medium - Allows some system access and partial control.

   • Low - Does not allow substantial system access but involved some information exposure.

   • Trivial - Tied to minor vulnerabilities but is not useful to an attacker.

   TIP: To learn more about specific vulnerabilities, hover over, or select, the bar for the severity level you are interested in [e.g., Critical].

Assets At Risk

This Assets At Risk panel shows Fortra VM clients their top-five most vulnerable assets which can be sorted by Severity or by Threat Rank.

1. Asset's Security GPA

2. Asset Name
   Click to view vulnerabilities found on this asset.

3. Bar graph of severity levels of an asset's vulnerabilities

   TIP: Hover to see specific data sets (e.g. number of medium vulnerabilities on asset).

4. Asset IP address

5. Asset status icons

   Hover over each one for a description.

6. Asset operating system and type

At-Risk Applications

In WAS the At-Risk Applications panel shows your top-five most vulnerable web applications.

1. Web application's Security GPA

2. We application's name

   Click to view this web application's specific vulnerabilities

3. Bar graph displays the severity levels of a web application's vulnerabilities.

   Hover for specific data set information.

4. Web application's status.

Vulnerabilities You Should Fix

The Vulnerabilities You Should Fix panel shows the vulnerabilities that most need your attention. These can be sorted by Severity or Threat Rank.

1. Vulnerability class and severity level:

   • Explicit

   • Potential

   • Recon

   • Compliance

   • Malware

   For more details, see FAQ

2. Vulnerability description

3. Vulnerability instance on your environment

Recent Scanner Releases

The Recent Scanner Releases panel provides information about DDI NIRV™ or WAS Scanner releases (including release notes and new checks, which link to Support Menu > Vuln Dictionary).

Recent Fortra VM Releases

The Recent Releases panel provides information about Fortra VM releases, including release notes.