ClearPoint Metrics

Measure, Share, Compare.

Threat and Virus Management version 1.0

Scorecard Audience Description
Threat and Virus Management Initiative Overview Executive

Threat and Virus Management Initiative Overview communicates the effectiveness of security initiatives designed to detect, protect, and defend critical information systems. This scorecard presents performance scores for three control objectives: identification of malicious threats, monitoring and coverage of critical information systems, and effectiveness of incident response activities. Scores are based on user-defined goals. Performance scores are trended and displayed as RYG rating visuals.

Control Objective Rollup Template Executive

The Control Objectives Rollup Template scorecard focuses on three critical control objectives: system monitoring and coverage, incident response, and malicious code handling.

Key Performance Indicator Rollup Template Executive

The Key Performance Indicator Rollup Template communicates the effectiveness of policies and controls for system monitoring and coverage, incident response, and malicious code handling. This scorecard presents performance scores for selected key performance indicators. Scores are based on user-defined goals. Performance scores are trended and displayed as RYG rating visuals.

Agents Not In Contact Operations

Agents Not In Contact presents the current state of deployed agents of a Host Intrusion Prevention System (HIPS). This scorecard presents trended metric results for agents not in contact.

Antivirus Coverage Operations

Antivirus Coverage displays trended metrics results for the percentage of assets covered by antivirus management.

Antivirus Coverage Statistics Operations

Antivirus Coverage illustrates coverage of assets by antivirus systems. This scorecard presents metrics results for assets under management by antivirus systems, and policy compliance statistics for virus definition updates.

Signature Version Distribution Operations

Signature Version Distribution illustrates the distribution of each known signature across all agents.

Antivirus Exemptions Operations

Antivirus Exemptions presents trended metrics results for the percentage of assets exempt from antivirus management.

Antivirus Signature Age Operations

Antivirus Signature Age presents trended metrics results for the average age of virus definitions. This scorecard shows minimum, maximum, and mean number of days since the last signature update.

Anti-Virus Signature Policy Operations

Anti-Virus Signature Policy examines the latency in virus definition updates. It displays statistics on volume of signatures updated within policy.

Antivirus Updates Operations

Antivirus Updates displays trended metrics results for the percentage of virus definitions updated according to the user-definable policy.

Automated Virus Protection Statistics Operations

Automated Virus Protection displays statistics for automatic and manual virus remediation. This scorecard presents trended metrics results for virus events remediated by an automated antivirus system, virus events remediated manually within user-definable policy, and ticket aging.

Auto-Remediated Critical Viruses Operations

Auto-Remediated Critical Viruses presents trended metric results for the percentage of critical virus events successfully cleaned by an antivirus system.

DAT Version Distribution Operations

DAT Version Distribution presents the current state of deployed agents of a Host Intrusion Prevention System (HIPS). This scorecard presents trended metric results for agent activity within policy.

Emerging Malware Behavior Operations

Emerging Malware Behavior shows volume and trends for emerging malware categorized by behavior. This scorecard presents trended metrics results for the following malware behavior categories: Adware, Data Destroyer, File Infector, Modifies Data/Setting, Security Bypass, Spyware, and Steal Data.

Emerging Malware by Operating System and Type Operations

Emerging Malware by Operating System and Type displays volume and trends for emerging malware categorized by target operating system and malware type. This scorecard presents trended metric results for Windows and non-Windows machines, and for the following malware categories: Trojan, Worm, Malicious Behavior, Exploit, and Virus.

Emerging Malware Propagation Operations

Emerging Malware Propagation displays volume and trends for emerging malware categorized by propagation method. This scorecard presents trended metrics results for threats propagated by the following methods: File Sharing/Transfer, Email with URL Link, Network File Transfer, ZIP Attachment, Email Attachment, and Web Browsing.

Emerging Malware Snapshot Operations

Emerging Malware Snapshot displays a summary of identified malware threat volume. This scorecard presents metrics results for identified threats categorized by threat type, prevalence, propagation method, and behavior.

Emerging Malware Trend Operations

Emerging Malware Trend shows trended metrics results for the total volume of identified malware threats. This scorecard presents the incidence of the following types of malware: File Sharing/Transfer, Email with URL Link, Network File Transfer, ZIP Attachment, Email Attachment, and Web Browsing.

Firewall Configuration Statistics Operations

Firewall Configuration displays configuration maintenance statistics. This scorecard presents metrics results for the total volume of firewall policy and rule changes, and the volume of changes on internet-facing hosts.

Firewall Coverage Operations

Firewall Coverage illustrates coverage of assets and networks by a firewall. This scorecard displays trended metrics results for assets protected by a firewall, firewall rule changes, and denied traffic.

Firewall Network Activity Statistics Operations

Firewall Network Activity displays packet filtering statistics. This scorecard presents metrics results for the total volume of denied inbound and outbound traffic, and lists the IP addresses with the most denied inbound and outbound connections.

HIPS Agent Statistics Operations

HIPS Agent Statistics presents the current state of deployed agents of a Host Intrusion Prevention System (HIPS). This scorecard presents trended metrics results compared to three user-defined policies: agents with signature updates within policy, the mean age of signatures, and agent activity within policy.

Intrusion Detection System Coverage Statistics Operations

Intrusion Detection System Coverage illustrates coverage of assets and networks by a Network Intrusion Detection System (NIDS) or a Network Intrusion Prevention System (NIPS). This scorecard presents trended metrics results for assets covered, signatures updated within policy, and mean signature age.

Intrusion Detection System Updates In Policy Operations

Intrusion Detection System Updates In Policy presents trended metric results for signatures updated within policy.

Intrusion Detection System Coverage Operations

Intrusion Detection System Coverage illustrates coverage of assets and networks by a Network Intrusion Detection System (NIDS) or a Network Intrusion Prevention System (NIPS). This scorecard presents trended metrics results for assets covered.

Alert Events Operations

Alert Events presents trended metrics results for volume, severity, and distribution of alerts triggered by Network Intrusion Prevention System (NIPS) or Network Intrusion Detection System (NIDS) sensors.

Incident Response In Policy Operations

Incident Response In Policy illustrates incident response exposure. This scorecard presents trended metric results compared to user-defined policies for overall processing time.

Incident Response Process Time Operations

Incident Response Process Time illustrates incident response time. This scorecard presents trended metric results for overall processing time.

Incident Response Statistics Operations

Incident Response Statistics illustrates incident response exposure and incident response time. This scorecard presents trended metrics results compared to user-defined policies for overall processing time and activity time to remediate incidents.

TicketsClosedInPolicy Operations

TicketsClosedInPolicy illustrates incident response time. This scorecard presents trended metric results compared to user-defined policies for time to remediate incidents.

Manual Remediation in Policy Operations

Manual Remediation in Policy presents trended metrics results for the percentage of viruses manually remediated within the time specified by user-definable policy.

Manual Virus Remediation Time Operations

Manual Virus Remediation Time displays statistics for the number of days required to manually remediate virus events. This scorecard shows current and trended minimum, maximum, and mean values.

Mean Age of DAT Files Operations

Mean Age of DAT Files presents the current state of deployed agents of a Host Intrusion Prevention System (HIPS). This scorecard presents trended metric results for the mean age of signatures.

Mean Age of IDS Signatures Operations

Mean Age of IDS Signatures presents trended metric results for mean signature age.

Mean Age Of Tickets Operations

Mean Age Of Tickets presents trended metric results for mean time to remediate incidents.

Mean Age of Virus Definitions Operations

Mean Age of Virus Definitions examines the latency in virus definition updates. It displays statistics on the number of days since last signature update.

Targeted Hosts Operations

Targeted Hosts identifies potentially compromised hosts. This scorecard presents trended metric results for alert incidents and lists hosts with the most alerts detected by host intrusion prevention, Network Intrusion Prevention (NIPS), and/or Network Intrusion Detection Systems (NIDS).

Threat Identification Statistics Operations

Threat Identification identifies potentially compromised hosts. This scorecard presents trended metrics results for alert incidence and severity, and lists hosts with the most alerts detected by host intrusion prevention, Network Intrusion Prevention (NIPS), and/or Network Intrusion Detection Systems (NIDS).

Threat Monitoring Statistics Operations

Threat Monitoring identifies frequently targeted hosts. This scorecard presents metrics results listing target IP addresses and ports with the highest total alerts generated by host intrusion prevention, network intrusion prevention, and/or network intrusion detection systems.

Top Destination IP Addresses Operations

Top Destination IP Addresses identifies frequently targeted hosts. This scorecard presents metric results listing target IP addresses with the highest total alerts generated by host intrusion prevention, network intrusion prevention, and/or network intrusion detection systems.

Top Infected Hosts Operations

Top Infected Hosts indicates hosts most susceptible to virus infection. This scorecard lists the ten hosts with the highest number of virus events during the reporting period.

Top Severe Viruses by Virus Detection Count Operations

Top Severe Viruses lists the current ten most prevalent critical viruses in the organization.

Top Source IP Addresses Operations

Top Source IP Addresses identifies frequently targeted hosts. This scorecard presents metric results listing target IP addresses with the highest total alerts generated by host intrusion prevention, network intrusion prevention, and/or network intrusion detection systems.

Top Target Ports Operations

Top Target Ports identifies frequently targeted ports. This scorecard presents metric results listing ports with the highest total alerts generated by host intrusion prevention, network intrusion prevention, and/or network intrusion detection systems.

Top Viruses by Virus Detection Count Operations

Top Viruses lists the current ten most prevalent viruses in the organization.

Virus Count by Severity Operations

Virus Count by Severity illustrates the distribution of virus events by severity level.

Virus Definition Age Statistics Operations

Virus Definition Statistics examines the latency in virus definition updates. It displays statistics on the number of days since last signature update and volume of signatures updated within policy.

Viruses Blocked Operations

Viruses Blocked presents trended metrics results for the percentage of virus events blocked by an antivirus system.

Virus Event Count by Targeted Operating System Operations

Virus Event Count by Targeted Operating System illustrates the distribution of virus events by operating system.

Virus Event Statistics Operations

Virus Event Statistics presents metrics results for volume, severity, and target platform of virus events, and lists the ten most prevalent viruses.

Virus Impact Rating Operations

Virus Impact Rating presents trended metrics results for virus impact, and lists the ten viruses with the highest impact ratings. Impact rating is defined as total virus events weighted by virus severity.

Virus Impact Statistics Operations

Virus Impact shows the impact of virus events and identifies the hosts most susceptible to virus infection. This scorecard presents trended metrics results for virus impact, lists the ten viruses with the highest impact ratings, and lists the ten hosts with the most virus infections.

Virus Protection Statistics Operations

Virus Protection displays statistics for automatic and manual virus remediation. This scorecard presents trended metrics results for virus events remediated by an automated antivirus system, virus events remediated manually within user-definable policy, and ticket aging.

Virus Remediation Attempts Operations

Virus Remediation Attempts illustrates the distribution of virus auto-remediation actions. This scorecard shows the total number of virus events cleaned, deleted, and quarantined.

Virus Remediation Statistics Operations

Virus Remediation shows the distribution and success rate of virus auto-remediation actions. This scorecard presents trended metrics results for attempted remediation actions, and for remediation outcomes.

Virus Remediation Status Operations

Virus Remediation Status illustrates the effectiveness of automated virus remediation efforts. This scorecard shows the distribution of virus events by auto-remediation status: successful, failed, or unknown.

Virus Event Count Operations

Virus Event Count presents trended metrics results for the total number of virus events detected.

Volume of Agents Operations

Volume of Agents presents the current state of deployed agents of a Host Intrusion Prevention System (HIPS). This scorecard presents trended metric results for the number of agents deployed.

Volume of Alerts Operations

Volume of Alerts presents trended metric results for alert incidents by host intrusion prevention, Network Intrusion Prevention (NIPS), and/or Network Intrusion Detection Systems (NIDS).
