Dashboards That Actually Show You What You Want to See
How Custom Dashboards Enhance Security Monitoring
Aqsa Taylor | June 4, 2024
Tired of seeing dashboards that are siloed and focus on metrics you can’t really present to your board or teams?
Gutsy understands your pain.
That's why we introduced custom dashboards based on process metrics that you define! A single place to track your security program’s performance across multiple tools and teams.
How it works
Gutsy ingests data from all your tools in the process and correlates activity between them so you can see how the tools and people work together in achieving your security outcomes. Gutsy makes all this ingested event information available to you so you can create custom queries and filter results as needed.
In this release, you can not only save such queries but also create dashboards based on them in two easy steps:
Step 1: Open the process explorer and add filters for your KPI.
Step 2: Save your query as a “view.”
Result: You’ll see a matching customized view-based dashboard automatically added to the dashboard page within seconds.
A dedicated dashboard for late triage as a real use case
Let’s consider a vulnerability management program in your organization. At the end of the day, the objective is to remediate vulnerabilities in a timely manner by severity to lower exposure risk of your organizational assets.
But how do you know how many critical vulnerabilities are still pending triage even after SLA was breached?
To answer such a simple question as this, you would need to look into at least two tools:
- The vulnerability scanner which shows vulnerability information along with its severity
- The ticketing platform where you would create a ticket for the vulnerability after triaging
These two tools are independent of each other. The ticketing system would not show the date of the vulnerability’s discovery and the vulnerability scanner would not show the status of the ticket. So to track vulnerabilities that are yet to be triaged you would need to manually compare both systems or maybe write an automation script to do the correlation for you.
Gutsy not only does this automatically for you but now also creates a dashboard that shows your overall conformance for this KPI and the top bottlenecks that are preventing you from reaching your optimal state.
For the above requirement, I’m simply going to create a query with three criteria:
- The detected vulnerability has a critical severity rating from a vulnerability scanner
- No ticket was opened in my pipeline tool for such a vulnerability
- The duration has exceeded 2 weeks from when the vulnerability was first discovered in my environment
After saving this view, I can see the dashboard page updated with the conformance ratio - showing me how many such cases exist, how many were exceptions and how many require attention. Bottlenecks and SLA metrics are also provided for this view.
Say goodbye to spreadsheets and custom automation scripts pulling data from different tools to create internal dashboards when you say hello to Gutsy!
Learn more
Article: Optimizing Security Through Process Data Organization
Article: Plan for Success: Using Process Blueprints to Define Your Security Playbooks