Understanding the Dashboard
The Dashboard is the WAS homepage when you are logged in. It gives you an overall idea of your environment’s security posture.
Site header
The site header, located on every page, grants access to some primary WAS features.
- Business Group - All data and accessibility within WAS is filtered according to the selected business group's parameters. Define custom business groups according to your organization's needs and switch between them here in the header. To set up business groups, see Business Groups.
- Region - The header displays the engaged region for your WAS product.
- Notifications - Select the bell symbol in the header to see the notifications you have received. The number of unread notifications is displayed with the envelope as a red number. To modify notification preferences, including email notifications, see Notifications.
- User Menu - When selected, the user menu in the header opens a menu for access to My profile, Manage Notifications, Change Password, Hide help, Report an issue, and Sign out.
Navigation menu
The navigation menu, located on every page, gives you access to WAS tools and features. Each item in the navigation menu will expand when selected to show additional options. The side navigation menu is your primary access point for all features within WAS.
Network summary
The Dashboard's Network Summary panel provides an overview of the network’s security posture. You can select each item for direct routing to filtered data used to quantify the displayed scores.
- Security GPA - The weighted average of evaluated web applications vulnerable to attacks.
- Web Apps - The number of evaluated web apps.
- Vulnerabilities - The number of vulnerabilities discovered in your environment.
- Most Recent Scan - Time since the completion of a previous scan.
- New Scanner Checks - The number of consolidated vulnerability checks (CVCs) newly added to the scanner.
- Allotted Web Apps - The number of web applications currently utilized and allotted on your subscription.
Trending graphs in the At a Glance dashboard provide additional data about vulnerability age and vulnerability remediation time trends. Only certain trend lines are selected by default, to highlight specific trends over others. Additionally, cloud statistics are now gathered and included in these graphs.
All Security GPA trending graphs have been modified to include a distinction between Security GPA generated from unauthenticated vulnerabilities only vs Security GPA generated from all vulnerabilities. This distinction extends to graphs in Fortra VM as well as PDF reports.
Trending Security GPA
The Trending Security GPA panel shows the progress in making your environment more secure.
- Your Security GPA before the most recent scan.
- The Security GPA following the most recent scan.
- Data sets represented in lines on the trend graph. Each item can be shown or hidden based on your preference; select each title to show or hide it on the graph.
  NOTE: Cloud GPA is an anonymous and broad compilation of client data to help you evaluate how your data compares to other organizations.
- The graph helps you visualize your data progress over the past year and how aspects of your network affect your organization's overall Security GPA.
TIP: Hover over a data point on the graph to see your exact score at a point in time.
The Rated Vulnerability Distribution shows you how severe the vulnerabilities in your environment are.
- The number of vulnerabilities discovered in your environment before the most recent scan.
- The number of vulnerabilities discovered in your environment following the most recent scan.
- Vulnerabilities discovered in your environment categorized as follows:
  - Critical - Allows full system access and is easily exploitable.
  - High - Allows full system access but is not easily exploitable.
  - Medium - Allows some system access and partial control.
  - Low - Does not allow substantial system access but involves some information exposure.
  - Trivial - Tied to minor vulnerabilities but is not useful to an attacker.
TIP: To learn more about specific vulnerabilities, hover over, or select, the bar for the severity level you are interested in [e.g., Critical].
OWASP Top 10 Breakdown
The WAS dashboard features this additional data panel. The Open Web Application Security Project (OWASP) Top 10 Breakdown panel shows the number of vulnerabilities in your environment that fall under each OWASP Top 10 risk. The OWASP Top 10 is a list of the most critical application security risks as determined by OWASP and is a widely adopted AppSec benchmark.
Select an OWASP risk to see its related vulnerabilities.
See related: To learn more about the OWASP Top 10, see OWASP Top 10 Application Security Risks.
Assets At Risk
The Assets At Risk panel shows Fortra VM clients their top five most vulnerable assets, which can be sorted by Severity or by Threat Rank.
- Asset's Security GPA
- Asset Name - Select to view vulnerabilities found on this asset.
- Bar graph of severity levels of an asset's vulnerabilities
  TIP: Hover to see specific data sets (for example, number of medium vulnerabilities on asset).
- Asset IP address
- Asset status icons - Hover over each one for a description.
- Asset operating system and type
At-Risk Applications
In WAS, the At-Risk Applications panel shows your top five most vulnerable web applications.
- Web application's Security GPA
- Web application's name - Select to view this web application's specific vulnerabilities.
- Bar graph displays the severity levels of a web application's vulnerabilities - Hover for specific data set information.
- Web application's status.
Vulnerabilities You Should Fix
The Vulnerabilities You Should Fix panel shows the vulnerabilities that most need your attention. These can be sorted by Severity or Threat Rank.
- Vulnerability class and severity level:
  - Explicit
  - Potential
  - Recon
  - Compliance
  - Malware
  For more details, see FAQs.
- Vulnerability description
- Vulnerability instance in your environment
Recent Scanner Releases
The Recent Scanner Releases panel provides information about Network Scanner