Dashboard Vulnerability Overview tab

The Vulnerability Overview tab on the Puppet Remediate Vulnerabilities dashboard displays information on the number, criticality and extent to which the nodes on your network are vulnerable.

The Key Statistics area gives you an idea of the overall health of your network. Here you’ll see the total number of vulnerabilities affecting nodes within your network, as well as the total number of vulnerabilities designated as medium risk, high risk or critical.

Note: The result shown in this area may differ from that displayed in the Vulnerable Nodes area if your scanner duplicates nodes owing to IP address reuse. The Nodes area ignores duplicates in this instance.

The Criticality Breakdown chart displays the percentage of vulnerabilities in each criticality division. Mouse over each section in the chart to see more information on the number of vulnerabilities in that category affecting nodes in your network. Click on a section to view all vulnerabilities in this criticality division in the Vulnerabilities table.

The Top 5 common vulnerabilities chart displays the number of nodes compromised by the most widespread vulnerabilities on your network. Mouse over each bar for the name of the vulnerability in question. Click a bar to see more information on the selected vulnerability in the Vulnerabilities table.

The Vulnerabilities table itself provides top-level information on individual vulnerabilities:

  • Click the export icon to export the Vulnerabilities table data in CSV format.
  • Filter the content by vulnerability severity by using filter option menu and create filter button at the top of the table. If you need to filter by vulnerability name or analysis content, click Create Filter and select the appropriate column, choose the required operator, and add the value you want to search for.
  • Sort by clicking on the appropriate column header. You can also choose which columns are displayed and which are hidden from the Columns drop-down menu.

Each row of the Vulnerabilities table provides:

  • The name of the vulnerability.
  • The risk score assigned by the vulnerability scanner. This is a score out of 1000.

    As each vulnerability scanner provider uses a different scoring system, Remediate regularizes the score using the formulae outlined in the table below:

    Scanner provider Risk score regularization formula
    Qualys Severity (1-5) * CVSS Modifier field (1-10) * 20
    Rapid7 The Rapid7 is not regularized and is presented as is.
    Tenable.io Severity(1-5) * CVSS3 base score (if present, else CVSS base score) (1-10) * 20
    Tenable.sc Severity(1-5) * CVSS3 base score (1-10) * 20
  • An analysis of the vulnerability provided by your vulnerability scanner. This is a description of the vulnerability threat, and the possible consequences that can occur if the vulnerability is successfully exploited.
  • The number of nodes affected by the particular vulnerability.
  • This table also shows the Puppet risk score. This is the vulnerability scanner risk score multiplied by the number of nodes affected by the vulnerability. The Puppet risk score lets you see straight away which vulnerabilities need to be addressed first.

Click the name of the vulnerability to go to the Vulnerability detail page. Here, you’ll find fuller information on the vulnerability, the nodes it affects, and advice about how to the threat. You can also launch remediation tasks from this page.