Severity Statistics Dashboard

ะกomprehensible Severity Statistic view:

The timeline of the charts can be customized to show data for the last 3 days, last week, last month, or last year, providing flexibility in analyzing different time ranges.

General Weighted Risk Trend

Weighted Risk Trend (WRT) metric empowers organizations to measure and track the state of security in a business-oriented manner. The General WRT is calculated by combining the WRT of each product, taking into account their respective severity weights, findings count, and business criticality assessments.

Note that the General Weighted Risk Trend displays the WRT, risk appetite and severity weight values for each day. To ensure that the historical graph accurately reflects your risk trends, be sure to set the appropriate weights before viewing the graph. Otherwise, the graph may be distorted by incorrect weight values.

By regulary tracking the following global metrics, you can gain a better understanding of your security posture and make informed decisions to enhance your overall security strategy.

Status change mean time

By monitoring the Status change mean time graph in relation to the SLA requirements, you can effectively manage and prioritize your remediation efforts, ensuring that critical vulnerabilities are promptly addressed and mitigated according to the established timelines.

  • Average Vulnerability Age (AVA) calculates the average age of vulnerabilities from creation to remediation. It helps to determine how long vulnerabilities pose a potential risk.

  • Mean Time to Detection (MTTD) measures the average time it takes to verify vulnerabilities from the moment they are created. A shorter MTTD indicates an effective and timely vulnerability detection process.

  • Mean Time to Rejection (MTR) measures the average time it takes for a finding to be rejected after creation. It provides insights into the speed of handling findings that are determined to be false positives.

  • Mean Time to Remediation (MTTR) calculates the average time it takes to remediate vulnerabilities from the moment they are verified. A shorter MTTR indicates an efficient vulnerability resolution process.

  • Mean Time to Product Task Assignment (MTTAp) measures the average time it takes for a validated finding to be assigned to a developer (assignee) in the Jira product space from the time it is validated. It helps to track the speed at which results are processed after validation and the initiation of the fixing process.

Mean Time to Security Task Assignment (MTTAs) measures the average time it takes for a validated finding to be assigned to a developer (assignee) in the Jira security space from the time it is validated. It helps to track the speed at which results are processed after validation and the initiation of the fixing process.

Findings count

  1. Finding Discovery Rate (FDR) measures the rate at which new vulnerabilities are verified per day, either manually or automatically (through the Auto Validator). It helps you evaluate the effectiveness of your Auto Validator's rules and security team.

  1. False Positive Rate (FPR) quantifies the rate of reported vulnerabilities that are later determined to be false positives per day manually or by Auto Validator. A lower false positive rate indicates the accuracy of your vulnerability detection tools and methodologies.

  1. Vulnerability Remediation Rate (VRR) tracks the rate at which vulnerabilities are resolved per day, either manually or automatically (through the Auto Closer). This metric evaluates the efficiency of your vulnerability resolution process.

Last updated