Home
From the Home page, users can quickly navigate to different sections of the system to dig deeper into specific aspects such as security posture, vulnerability analysis, and attack simulations. Additionally, the Home page may display real-time updates, alerts, or notifications to keep users informed about the latest developments in their network security posture.
By presenting a top-level overview of essential details, the Home page helps users stay up to date and make informed decisions regarding their organization's cybersecurity strategy.
The Topology tile provides an overview of the results obtained from network scanning, presenting key metrics related to the network's structure and security status. Specifically, it includes the following information:
Total Number of Subnets: This metric indicates the overall number of subnets within the organization's network infrastructure.
Number of Vulnerable Subnets: Shows how many subnets within the network contain vulnerabilities or security weaknesses. Identifying vulnerable subnets is crucial for prioritizing remediation and strengthening security measures.
Total Number of Assets: It shows the total number of assets or devices detected within the network.
Vulnerable Assets: Indicates the number of assets within the network that are found to have vulnerabilities or security flaws. Vulnerable assets represent potential entry points for attackers and require immediate attention to mitigate potential risks.
Critical Paths: Highlights the most sensitive paths within the network that could lead to high-value assets.
Number of Critical Assets: Indicates the number of assets considered critical based on their value to the organization.
Critical Vulnerabilities: Highlights vulnerabilities classified as critical within the network.
The Risk Score is a metric reflecting the current level of cybersecurity risk within the organization’s network. Presented as a percentage, it indicates the likelihood of a potential attack based on identified vulnerabilities, critical assets, and network exposure. In this example, a Risk Score of 36.81% suggests a moderate risk level. Monitoring this score over time helps in tracking the effectiveness of remediation efforts and identifying trends in network health.
This metric indicates the number of vulnerabilities that have been mitigated or resolved since the last scan. The "Check Now" option allows users to access detailed information about the resolved vulnerabilities.
The Health Trend graph visualizes the change in the Risk Score over time, offering a historical view of the network's security posture.
This section provides an overview of the security posture of each asset within the network, categorized by vulnerability levels. Each asset's security posture, including its vulnerabilities, critical paths, and exposure levels, directly influences the organization's overall risk score.
The breakdown of asset security postures is as follows:
Robust Assets: These assets have a strong security posture with minimal vulnerabilities, making them difficult for attackers to exploit.
Moderate Assets: Assets classified as Moderate have a balanced security posture with some vulnerabilities but are not highly exposed.
Exploitable Assets: These assets contain significant vulnerabilities that could be exploited by attackers.
Highly Exploitable Assets: Assets in this category are the most vulnerable and present the greatest risk of exploitation.
In the Cybral Attack Scenario section, the system uses advanced AI technology known as a Large Language Model (LLM) to make complex attack graphs easy to understand. This technology acts as an extra layer of analysis, taking in detailed attack data and translating it into a straightforward, written summary of potential threats, which is then displayed on the dashboard.
With LLM technology, users don’t need to be cybersecurity experts to grasp what’s going on in their network. The system generates a clear, narrative-style scenario that describes the steps an attacker might take to exploit vulnerabilities, giving users a real sense of the risks involved.
Each attack scenario also includes practical remediation steps that users can follow to protect their network. These recommendations are based on best practices in the industry, providing users with straightforward actions to shore up their defenses and address specific vulnerabilities.
The Storm AI Engine in this example has generated 6 attack scenarios based on critical paths within the network. These scenarios illustrate potential attack vectors that an attacker might exploit by using known vulnerabilities, targeting specific IP addresses, and following critical pathways to gain unauthorized access. Each scenario is ranked by risk level—Low or High—allowing security teams to prioritize responses based on severity.
By clicking on the Show button next to each scenario, users are directed to the Critical Paths Graph page, where the specific critical paths related to that attack scenario are highlighted.
After selecting "Generate Defense Strategy," users are directed to the Defense Strategy page, where Storm Analyzer prioritizes the remediation actions required to address vulnerabilities and enhance the network’s security posture. The system highlights the critical vulnerabilities that need immediate attention. This page provides a detailed, structured approach to implementing effective defense measures.
Users have the option to Export Remediations, allowing them to download an Excel report that includes the CVE identifier, affected assets, and recommended remediation steps.
Users have the option to select a checkbox next to each "Remediate CVE......." option, enabling the Simulate Remediation Actions feature. By clicking this button, users are directed to the Remediation Planner page, where they can simulate the potential impact of remediation actions on the network. For example, users can evaluate the effect of addressing a specific vulnerability or blocking a port.
On the Remediation Planner page, clicking Simulate generates a comparison between the current network state and the projected state after implementing the recommended remediation actions (discussed later in a separate section). This analysis provides valuable insights into the effectiveness of proposed actions. Users can also download this comparison as a Before and After PDF report for documentation and review.
The Vulnerabilities Insights section provides a detailed analysis of vulnerabilities present within the network, segmented by frequency and severity. This feature allows security teams to quickly assess the scope and criticality of vulnerabilities and prioritize remediation efforts accordingly. The pie chart displays the distribution of different vulnerabilities based on their frequency within the network.
Severity Distribution Bar:
This bar chart classifies the vulnerabilities into four severity levels: Critical, High, Medium, and Low.
Each severity level is color-coded, providing a quick visual assessment of the risk profile:
Critical: 4 vulnerabilities (indicated in red)
High: 24 vulnerabilities (indicated in orange)
Medium: 14 vulnerabilities (indicated in yellow)
Low: 11 vulnerabilities (indicated in green)
In the Vulnerabilities Insights section, the "Show" arrow located in the upper left is a clickable element. By clicking on it, users are directed to the Network Vulnerability page, where they can view a more detailed breakdown of vulnerabilities across the network. This page provides in-depth insights into each identified vulnerability, allowing users to better understand their network’s security landscape and prioritize remediation actions effectively.