Attack Surface Overview Dashboard - 1.0 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Assess User Guide

Creation date
Last date published
User Guide

The Attack Surface Overview dashboard provides a way to get a clear attack surface overview, delivering 30-day views of critical assets. Dashboards are extremely helpful in managing your attack surface. Specific uses of dashboards include:

  • Monitoring progress toward attack surface annotation and enrichment—The Attack Surface Overview dashboard graphically displays trends in your attack surface (services, domains, certificates, OnPrem IPs). Customers use this information to track their remediation progress and efforts. Such charts can also illuminate spikes in asset counts that warrant investigation.

  • Comparing across business units—All dashboard reporting includes filters to isolate one business unit from another. Managers can use filters to compare business unit progress and reallocate resources as necessary.

  • Reporting within the organization—Cortex Xpanse customers use the native reporting to create actionable reports and visualizations for other teams and executives, such as CISO, CIO, CEO, CDO, and CPO. Teams typically include Incident Response (IR), Risk Management, IT Operations, and Application Development. Reporting can be used as “state of the network” reports, providing snapshots of counts (at a given time) to help with security strategies and resource planning. Reporting can also include results of a Cortex Xpanse asset audit, highlighting how many additional assets that Xpanse could identify for customers. An asset audit is essential to justify the ROI of an engagement.