Key insights and configured insights for Security Posture Control

  • Release version: Washingtondc
  • Updated August 28, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Key Insights and Configured Insights for Security Posture Control

    The Security Posture Control application provides Key insights and Configured insights to help you monitor and assess the security posture of your assets. These insights are derived from the assessment criteria defined by the application’s policies and offer visual reports on security control metrics through a dashboard.

    Show full answer Show less

    Key Features

    • Key Insights: Automatically generated reports based on predefined policies, displaying metrics such as:
      • Endpoint protection agent status
      • Managed vs. unmanaged device coverage
      • Vulnerability scan coverage
      • Assets with critical vulnerabilities
      • Vulnerable items categorized by severity
      • Top 3 policies by findings
    • Configured Insights: Customizable insights created using existing or custom policies, offering additional data through:
      • Comparison charts for policy results
      • Policy match count and percentage visualizations
      • Trends of asset policy compliance
    • Group Organization: Organized reports into groups, with each group capable of containing up to 21 widgets or insights.

    Key Outcomes

    By utilizing Key and Configured insights, customers can effectively monitor their security metrics, identify vulnerabilities, and gauge compliance with security policies. This functionality facilitates better decision-making and enhances overall security posture management within the organization.

    Key and configured (custom) insights provide you with visual reports that are created and updated by the assessment criteria that match your assets. Insights help you monitor security controls metrics on a dashboard.

    Key insights

    The criteria used for the assessments of your assets are provided by the policies that are included with the application.
    • Key insights use the policies that are included with the application.
    • Configured insights can be created using the policies included with the application, your own custom policies, or a combination of both.
    On the Home (landing page) in the Security Posture Control workspace, the Key insights section below the Overview displays visual reports that are created and updated by the policies that are included with the application. These insights are also included with the application and display the following information:
    • Endpoint protection agent installed: Total number of assets that have or do not have endpoint protection.
    • Managed device coverage: Number of managed assets compared to those that are unmanaged.
    • Vulnerability scan coverage: Total number of scanned assets compared to the those that are not scanned for known vulnerabilities by a third-party vulnerability scanner.
    • Assets with critical vulnerabilities: Number of assets out of the total number of assets that have critical vulnerabilities.
    • Vulnerable items by criticality: Total number of vulnerable items broken down by their severity. A known vulnerability that matches an asset in your CMDB results in a vulnerable item. This insight requires you to install the Vulnerability Response application and at least one scanner integration: Qualys, Rapid7, or the Tenable Vulnerability Integration. All these applications are available on the ServiceNow® Store.
    • Top 3 policies by findings: Policies that return the most findings (matches) on your assets.

    Configured insights

    You can create your own insights if you want more information not found in the Key insights. You can create these configured insights and use existing policies or your own custom policies for assessment. Your configured insights are displayed on the Configured insights dashboard module, the second icon from the top in the workspace.

    Following types of insights can be configured.

    • Comparison chart: Compare results between multiple policies with bar charts.
    • Policy match count widget: View the number of devices that match a policy.
    • Policy match percentage chart: View the percentage of devices that match a policy in a pie chart. You can choose the total asset pool as either all the assets monitored by SPC or the assets that match the base policy from which the current selected policy is created.
    • Policy trend chart: View the trends of assets that match various policies.

    See Create and activate a configured insight for Security Posture Control for more information about the steps for creating a configured insight.

    Groups

    You must create or assign groups to your configured insights when you create new records in the Custom insight builder module. Groups allow you to organize your reports on the Configured insights dashboard.

    Insights can be organized into groups. Each group can have 21 widgets or insights.