This dashboard presents important metrics for analyzing your Application Vulnerability Management process, such as viewing remediation target attainment rates.

Required ServiceNow AI Platform roles and viewing the dashboard

Note:
  • This dashboard is part of the Application Vulnerability Response content pack. The Application Vulnerability Response content pack is part of the Performance Analytics for Vulnerability Response content pack.
  • The Performance Analytics for Vulnerability Response content pack is available on the ServiceNow® Store as a separate subscription.
  • The Performance Analytics for Vulnerability Response content pack is not automatically installed with the Vulnerability Response application.

The My Application Vulnerabilities dashboard is available only when a member of the Security Champion user group logs into an instance. For information on the Overview dashboard, see Application Vulnerability Management [PA] dashboard.

To view the dashboard, navigate to Application Vulnerability Response > My Application Vulnerabilities.

Starting with version 19.0 of Application Vulnerability Response, this dashboard can also be viewed in the New Experience UI. To view the dashboard in the new UI, navigate to Workspaces > Vulnerability Manager Workspace and click theDashboards icon. Depending on your role, the default dashboard is displayed. To view other dashboards, click the drop-down next to the dashboard name. For more information, see Dashboards page in the Vulnerability Manager Workspace and Dashboards page in the IT Remediation Workspace.

View reports that show trending data over time. View trends of important metrics on a regular schedule to analyze your overall business processes and identify areas of improvement.

The My Applications Vulnerabilities dashboard is included with the Performance Analytics for Vulnerability Response content pack. The Performance Analytics for Vulnerability Response content pack is not automatically installed with the Vulnerability Response application. It is available on the ServiceNow® Store as a separate subscription.

Use cases

User Dashboard use
IT specialists, remediation owners, or analysts who remediate vulnerabilities assigned to them or to a group they belong to.

A Security Champion uses the My Application Vulnerabilities dashboard to track the volume, performance, and progress of remediation for application vulnerabilities.

Efficiently determine which application vulnerable items (AVIs) present the most risk to your organization.

These dashboards provide a graphical view into AVI activity to help determine remediation plans and status progress. You can focus on the KPIs associated with critical affected applications and high-visibility vulnerabilities.

Quickly gain insight into your vulnerability exposure and security posture. Track from initial analysis and detection to containment, or remediation.

My Application Vulnerabilities [PA] dashboard tabs

The My Application Vulnerabilities dashboard communicates KPIs for vulnerability risk and prevalence, affected applications, remediation trends, and remediation progress. The default for trends is three months but can be changed to 7 day, one month, 3 months, 6 months, YTD, 1 year, or All.

Data is broken down in the dashboard by Application. Use the Select elements list to refine your selections.

Figure 1. Security Posture tab

The Security Posture tab helps you understand your security posture and the progress of your remediation actions. Breakdown the data in the Application Vulnerability Management dashboard by Scan Type, Application or Business unit. Each of these choices has an additional filter, Select elements, to refine your selections.

This tab named "Security Posture" shows the status of your security posture.
Figure 2. Remediation Trend tab

The Remediation Trend tab helps you understand the progress of your remediation actions.

This tab named "Remediation Trend" shows the progress of your remediation actions.

Indicators

Mean time to remediate Low AVIs
[[Summed Duration of Closed Application Vulnerable Items > Risk Rating = 4 - Low]] / [[Closed Application Vulnerable Items > Risk Rating = 4 - Low]]. Goal is to minimize.
Application Releases
It is the count distinct on applications from AVI.Active, which is using the table: sn_vul_app_vulnerable_item. Goal is to minimize.
Application Vulnerable Items
It is the count on app vul items AVI.Active, which is using the table: sn_vul_app_vulnerable_item. Goal is to minimize.
Average AVIs per application
[Active Application Vulnerable Items]] / [[Application Releases]]. Goal is to minimize.
Unassigned VIs
It is the count on indicator source AVI.Active, which is using the table: sn_vul_app_vulnerable_item. Goal is to minimize.
Mean time to remediate AVIs
[[Summed Duration of Closed Application Vulnerable Items]] / [[Closed Application Vulnerable Items]]. Goal is to minimize.
Mean time to remediate High AVIs
[[Summed Duration of Closed Application Vulnerable Items > Risk Rating = 2 - High]] / [[Closed Application Vulnerable Items > Risk Rating = 2 - High]]. Goal is to minimize.
Closed Application Vulnerable Items
It is the count on indicator source AVI.Closed, which is using the table: sn_vul_app_vulnerable_item. Goal is to maximize.
Mean time to remediate Critical AVIs
[[Summed Duration of Closed Application Vulnerable Items > Risk Rating = 1 - Critical]] / [[Closed Application Vulnerable Items > Risk Rating = 1 - Critical]]. Goal is to minimize.
New Application Vulnerable Items
It is the count on indicator source AVI.New, which is using the table: sn_vul_app_vulnerable_item. Goal is to minimize.
Mean time to remediate Medium AVIs
[[Summed Duration of Closed Application Vulnerable Items > Risk Rating = 3 - Medium]] / [[Closed Application Vulnerable Items > Risk Rating = 3 - Medium]]. Goal is to minimize.
Net change in VIs
[[New Application Vulnerable Items]] - [[Closed Application Vulnerable Items]]. Goal is to minimize.
Summed Duration of Closed Application Vulnerable Items
It is the count on indicator source AVI.Closed, which is using the table: sn_vul_app_vulnerable_item. Goal is to minimize.
Critical Overdue Application Vulnerable Items
It is the count on data source AVI.Active, which is using the table: sn_vul_app_vulnerable_item. Goal is to minimize.
Critical Application Vulnerable Items
It is the count on indicator source Applications with active AVIs, which is using the table: sn_vul_analytics_app_ci_dept_bu. Goal is to minimize.

Breakdowns

  • Age
  • Age Closed
  • Application
  • Business Unit
  • Risk Rating
  • Scan Type
Note: Customizing the Age and Age closed calculation for application vulnerable items (AVIs) may lead to a sharp rise or drop in the Performance Analytics (PA) reports that include these metrics. For more information on how to customize the calculation of Age and Age closed for AVIs, see the KB1703270 KB article.

Data visualizations

Table 1. Security Posture
Name Type Description
Active Application Vulnerable Items (AVIs) Single Score Single-score icon Number of active (non-closed) application vulnerable items (AVIs).
Application Vulnerable Item (AVI) Distribution Pie Chart Pie chart icon Distribution of all active application vulnerable items (AVIs) grouped by risk rating.
AVI trends TrendBar icon Trend of active application vulnerable items (AVIs) grouped by risk rating.
Average AVIs per application TrendBar icon Trend of average application vulnerable items (AVIs) per application, grouped by risk rating.
Table 2. Remediation Trend
Name Type Description
Mean time to Remediate Application Vulnerable Items (AVIs) LineLine icon Trend of the average remediation time for application vulnerable items (AVIs) by risk rating.
Net change of AVIs TrendBar icon Line icon Trend of new application vulnerable items (AVIs) detected vs closed by month.