ClearPoint Metrics

Measure, Share, Compare.
CatalogVulnerability and Patch Management

Vulnerability and Patch Management version 1.0

Scorecard Audience Description
Vulnerability and Patch Initiative Overview Executive

Vulnerability and Patch Initiative Overview communicates the effectiveness of security policies and procedures for patch management, vulnerability scanning, and vulnerability remediation. This scorecard presents performance scores for three control objectives: identification of vulnerabilities on critical assets, compliance of patch procedures with policy, and efficiency of incident response. Scores are based on user-defined goals. Performance scores are trended and displayed as RYG rating visuals.
The Control Objectives Rollup Template Executive

The Control Objectives Rollup Template scorecard focuses on three critical control objectives: patch management, vulnerability scanning, and vulnerability remediation.
Key Performance Indicator Rollup Template Manager

The Key Performance Indicator Rollup Template communicates the effectiveness of policies and controls for patch management, vulnerability scanning, vulnerability remediation. This scorecard presents performance scores for selected key performance indicators. Scores are based on user-defined goals. Performance scores are trended and displayed as RYG rating visuals.
Distribution by Vulnerability ID Operations

Distribution by Vulnerability ID illustrates the relative concentration of vulnerabilities in the environment. This scorecard displays the total number of occurrences for each unique vulnerability ID.
Hosts Covered By Patch Systems Operations

Hosts Covered By Patch Systems displays trended metrics results for the percentage of hosts covered by a patching system.
Hosts Exempt from Patch Management Operations

Hosts Exempt from Patch Management illustrates how well systems are covered by an automated patch management system. This scorecard shows trended metrics results for the number of hosts exempt from automated patch management.
Hosts Exempt from Vulnerability Scanning Operations

Hosts Exempt from Vulnerability Scanning presents trended metrics results for the percentage of hosts exempt from vulnerability scanning.
Hosts Fully Patched Operations

Hosts Fully Patched displays trended metrics results for the percentage of hosts containing all approved patches.
Hosts Missing Critical Patches Operations

Hosts Missing Critical Patches presents trended metrics results for the percentage of hosts missing high priority required patches.
Hosts Scanned within Policy Operations

Hosts Scanned within Policy illustrates the organization's adherence to vulnerability scanning policies. This scorecard presents trended metrics results for the percentage of hosts scanned within the time frame specified by user-defined policy.
Hosts With Severe Vulnerabilites Operations

Hosts With Severe Vulnerabilities presents trended metrics results for the percentage of hosts with severe vulnerabilities detected.
Hosts With No Vulnerabilites Operations

Hosts With No Vulnerabilities presents trended metrics results for the percentage of hosts with no vulnerabilities detected.
Host Vulnerability Operations

Host Vulnerability presents the distribution and severity of vulnerabilities detected across hosts. This scorecard displays metrics results identifying the most vulnerable hosts and vulnerability impact.
Host Vulnerability Distribution Operations

Host Vulnerability Distribution shows the distribution of vulnerabilities across hosts.
Mean Age of Open Tickets Operations

Mean Age of Open Tickets presents trended metrics results for support ticket aging.
Mean Time Since Last Scan Operations

Mean Time Since Last Scan presents trended metrics results for the average number of days since the last vulnerability scan.
Mean Time to Close a Ticket Operations

Mean Time to Close a Ticket illustrates the activity time for patch support tickets. This scorecard presents trended metrics results for the mean number of days between support ticket initiation and ticket closure.
Mean Time To Patch Operations

Mean Time To Patch presents trended metrics results for the mean number of days required to patch assets.
Most Common Severe Vulnerabilities Operations

Most Common Severe Vulnerabilities lists the ten severe vulnerabilities with the most number of instances detected across all hosts.
Most Common Vulnerabilites Operations

Most Common Vulnerabilities lists the ten vulnerabilities with the most number of instances detected across all hosts.
Open Tickets by Creation Date Operations

Open Tickets by Month Created illustrates seasonal changes and spikes in the patch application process. This scorecard shows support ticket aging grouped by ticket creation month.
Patches Applied within Policy Operations

Patches Applied within Policy illustrates the organization's adherence to patch application policies. This scorecard presents trended metrics results for the percentage of hosts patched within the time frame specified by user-defined policy. Default policy is 40 days from patch approval to patch application.
Patch Management Coverage - Statistics Operations

Patch Management Coverage - Statistics presents details of host coverage by an automated patch management system. This scorecard displays trended metrics results for patched systems and exemptions.
Patch Policy - Statistics Operations

Patch Policy - Statistics illustrates the function of an automated patch management system. This scorecard displays trended metrics results for average time to patch, hosts patched within policy, patches successfully applied, and hosts missing critical patches.
Percentage of Hosts Scanned Operations

Percentage of Hosts Scanned presents trended metrics results for percentage of hosts covered by a vulnerability scanning system.
Percentage of Vulnerable Hosts Operations

Percentage of Vulnerable Hosts presents trended metrics results for percentage of hosts with at least one detected vulnerability.
Remediation Activity - Statistics Operations

Remediation Activity - Statistics displays details for vulnerability remediation process time and remediation ticket duration. This scorecard presents trended metrics results for average process time, process time within policy, average ticket close time, and ticket close time within policy.
Remediation Tickets Closed in Policy Operations

Remediation Tickets Closed in Policy illustrates the organization's adherence to policy for remediation ticket activity time. This scorecard presents trended metrics results for the percentage of support tickets closed within user-defined policy. Default policy is 10 days.
Residual Risk Levels - Statistics Operations

Residual Risk Level - Statistics displays details for unpatched assets and ticket processing. This scorecard presents trended metrics results for assets missing at least one critical patch, open patching tickets, and ticket aging.
Scan Configuration Operations

The Scan Configuration scorecard measures the frequency, coverage, and compliance to vulnerability scanning policies. The scorecard communicates the average time elapsed since the last scan and determines the number of hosts that were scanned within the user-definable policy.
Scan Coverage - Statistsics Operations

Scan Coverage - Statistics illustrates host coverage by an automated vulnerability scanning system. This scorecard displays trended metrics results for hosts covered by vulnerability scanning, hosts exempt from scanning, hosts with severe vulnerabilities, and hosts with no known vulnerabilities.
Time to Process in Policy Operations

Time to Process in Policy illustrates the organization's adherence to policy for overall remediation process time, from identification of the issue to closure. This scorecard presents trended metrics results for the percentage of patches remediated within user-defined policy.
Top Ten Vulnerable Hosts Operations

Top Ten Vulnerable Hosts lists the hosts with the highest vulnerability scores. Vulnerability scores are calculated by weighting the number of identified vulnerabilities by their impact rating.
Vulnerabilities by Impact Operations

Vulnerabilities by Impact shows the distribution of vulnerabilities classified by impact rating.
Vulnerabilities by Type Operations

Vulnerabilities by Type shows the distribution of detected vulnerabilities classified by vulnerability type.
Vulnerability Management Operations

Vulnerability Management presents the distribution of detected vulnerabilities. This scorecard displays metrics results for vulnerabilities classified by impact and type, and lists the most common vulnerabilities detected.

Do it...

Contact Us

Tell me...

What am I looking at?

How do I use this page?


Community content licensed under Creative Commons :: Privacy Policy :: Terms of Use :: Contact Us

ABOUT SSL CERTIFICATES

8 New England Executive Park, 3rd Floor | Suite 390, Burlington MA 01803 | Main Number 617-456-1900
ClearPoint is the IT security measurement Company for Governance, Compliance and Risk
Copyright © 2005-2010 ClearPoint Metrics. Inc. All rights reserved