Dashboard Toolbox - VM DASHBOARD BETA: FEDRAMP - Vulnerability Mitigation by SLA

Document created by Felix Jimenez Employee on Aug 20, 2019Last modified by Felix Jimenez Employee on Sep 12, 2019
Version 6Show Document
  • View in full screen mode

This VM Dashboard will enable you to get instant dynamic visibility into your remediation SLAs as required FedRAMP. A single, dynamic dashboard that includes customizable views, graphs, and charts giving you a clear and comprehensive view of your threat landscape at a glance in real-time based on CVSS 3 Base Score. For detail on the FedRAMP requirements supported by this dashboard, see FedRAMP ConMon – Efficiently & Effectively Managing SLAs for RA-5d Requirement.

 

About Vulnerability Scoring

Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to the threat. Scores are calculated based on a formula that depends on several metrics that approximate ease of exploit and the impact of exploit.

 

CVSS Scores range from 0 to 10, with 10 being the most severe. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes. While many utilize only the CVSS Base score for determining severity, temporal and environmental scores also exist, to factor in the availability of mitigations and how widespread vulnerable systems are within an organization, respectively. The amount of work as security professionals we encounter daily given its an ever-changing environment is massive. That is where Qualys can provide the ability for quick dashboarding and views to key indicators to assist and prioritize your remediation work.  #VisualizeDataNotCSVs  

 

The FedRAMP Vulnerability Mitigation by SLA Dashboard

This VM Dashboard will enable you to get instant visibility based on CVSS Scores as defined by NIST:

 

The Dashboard tracks the following KPIs as per CVSS 3 Base Score:

  • Qualys Status "New, Active Reopened" By Severity

  • Qualys Status "Fixed" By Severity

  • Host-Based Count Widgets

  • TOP 50: High, Medium, Low

  • Widgets as per FEDRAMP SLAs: 30, 90, 180
    • Vuln Status
    • First found per SLA days 
    • First found per SLA days & vulns published in per SLA day's

 

NVD Vulnerability Severity Ratings

NVD provides qualitative severity rankings of "Low", "Medium", and "High" for CVSS v2.0 base score ranges in addition to the severity ratings for CVSS v3.0 as they are defined in the CVSS v3.0 specification.

CVSS v2.0 RatingsCVSS v3.0 RatingsFEDRAMP Remediation SLAs
SeverityBase Score RangeSeverityBase Score RangeSeverity SLA Criteria.Mitigation SLA
None0.0
Low0.0-3.9Low0.1-3.9Low180 days
Medium4.0-6.9Medium4.0-6.9Moderate90 days
High 7.0-10.0High7.0-8.9High30 days
Critical9.0-10.0

 

 

Dashboard Demonstration Images

 

 

Tokens

Example of quick help for tokens. 

 

How to Enable Trending on the Widgets

Open the desired widget in edit mode and select the Collect trend data checkbox.

 

 

Resources

 

External References:

 

Additional Dashboards:#performance_mgmt

Dashboard Toolbox - How To Enable the New VM Dashboard BETA within the Qualys UI 

Dashboard Toolbox - How To - Importing Dashboard json 

- - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - -

Dashboard Toolbox - VM DASHBOARD BETA: QID Specific Remediation Dashboard (v1.0) 

Dashboard Toolbox - VM DASHBOARD BETA: Host Scan Time Management (v1.1) 

Dashboard Toolbox - VM DASHBOARD BETA: Per Year Environment View - Vr1.0 

Dashboard Toolbox - VM DASHBOARD BETA: Severity 1 thru 5  & Threat Protection (RTI) Dashboard BETA 

Dashboard Toolbox - VM DASHBOARD BETA: PCI Compliance Vulnerability Exposure Dashboard 

Dashboard Toolbox - VM DASHBOARD BETA: Windows Authentication Management (v1.2) 

Dashboard Toolbox - VM DASHBOARD BETA: Total Vulnerabilities Scorecard    

Dashboard Toolbox - VM DASHBOARD BETA: Total Unremediated Scorecard   

Dashboard Toolbox - VM DASHBOARD BETA: Top 10 Vulnerabilities Scorecard 

Dashboard Toolbox - VM DASHBOARD BETA: Top 10 Assets Scorecard 

Dashboard Toolbox - VM DASHBOARD BETA: Hosts Assessment Dashboard 

Dashboard Toolbox - VM DASHBOARD BETA: Threat Real Time Indicator (RTI) Dashboard 

Dashboard Toolbox - Top 5 Vendor Open Vulns Sev3-5 Assessment Dashboard BETA

Dashboard Toolbox - [Tags.Name] Confirmed Sev 3- 5 Excl NRK 90D BETA

Dashboard Toolbox - VM DASHBOARD BETA: Windows 7 Confirmed/Potential Sev 3-5 90D Assessment 

Dashboard Toolbox - Cisco Vendor Only Confirmed/Potential Sev 3-5 90D Assessment BETA

Dashboards and Reporting: Apache Struts RCE Vulnerabilities: CVE-2017-5638 and CVE-2018-11776

QID Tracking Dashboard: .NET Framework Service Packs - All of a Sudden

Adobe Product Dashboard: Qualys API - List Assets by Vulnerability Title

 

 

 

* * * WARNING: Read Before Downloading * * *

At this time, Dashboard and Widget JSON files are not interchangeable between application dashboards, meaning Vulnerability Management Beta Dashboard JSON files may only be used in VM Dashboard and AssetView JSON files may only be used in AssetView. If you make a mistake and import a JSON file from one application into the other, you must contact Qualys Support to have the error corrected in the database for your subscription. 

Again, there is no way to reverse this mistake within the UI, it must be done in the database.

 

 

Back toDashboards and Reporting Resources - Start Here 

Outcomes