Digital Footprint Risk Reporting

In this video we’ll be discussing Digital Footprint Risk Reporting.

1. How it Works

This is how digital footprint risk reporting works.

An organization’s Digital Footprint is analyzed and a digital footprint risk reporting score is created.

As security remediations are performed, those changes are reflected in the organization’s digital footprint.

This causes a change in the risk reporting score.

Tracking these changes over time shows how effective an organization’s security program is.

2. Understanding Risk Reporting

Let me help you understand digital footprint risk reporting.

Digital Footprint Risk Reporting is broken down into four sections: Risk Reporting Overview, Threat Indicators, Security Posture, and Metrics (44 metrics). (High-level breakdown of each section.)

The Risk Reporting Overview section shows an organization’s overall risk; it is broken down into threat indicators and security posture.

Each of those sections can be drilled into to see why the score was derived.

Threat Indicators:

Threat indicators are active observations of malicious or suspicious activity on an organization’s digital footprint. Assets flagged in this area should be immediately investigated and remediated to reduce your organization’s security risk.

Threat indicators are security issues originating from your organization’s assets that are part of your digital footprint.

—-

Security Posture:

Security Posture is a measurement of the maturity and complexity of an organization’s security program based on analysis of the external-facing assets that comprise their Digital Footprint.

It is comprised of technical and non-technical policies and best practices, processes, and controls that mitigate risks of external threats on your Digital Attack Surface.

These can be vulnerabilities in frameworks or operating systems, open ports, expired SSL certificates, or out-of-date algorithms in use.

3. CVE Exposure

Under Security Posture we see Website CVE Exposure has a score of 17 and it is red.
Let’s drill into CVE exposure and see the underlying components of this score.

4. Drill Into Website CVE Exposure

Drilling down into Website CVE Exposure we see the breakdown of the components for the organization.

We see that we have 208 websites with a critical-scored CVE.

234 have been scored high.
271 have been scored medium.
207 have been scored low.

Let’s examine websites with a critical-scored CVE.

5.

Let’s examine an asset that is running an outdated ASP.NET 2.0 framework; the current ASP.NET framework should be 4.0.

Let’s drill into one of these assets and see all of the web components and what CVEs are associated with this asset.

— click on web components

Here we see the outdated ASP.NET 2.0 framework.

— click on CVE

Now let’s look at the CVE information.

Here are all of the CVEs associated with this asset.

This information can be updated from the inventory.
If you click in the box next to the CVE number you can modify the information with a response.

— click on the box and modify CVE

CVEs can be marked as:
Patched
Erroneous Detection
Compensating Control Applied
Or Not Applicable.

Once the changes have been applied, this will change the organization’s digital footprint, which will cause a change in the organization’s digital risk reporting score.

6. ASP.NET 2.0

Now let’s look at the organization’s entire inventory and see all assets running the outdated ASP.NET 2.0 framework.

From Inventory we expand websites, then framework, and click on the check box next to ASP.NET 2.0.

This will filter the inventory to only show the outdated framework on all assets in the inventory.

Here we can see we have 41 assets running this outdated framework. If the organization updated these web servers to ASP.NET version 4.0, then when the assets are updated in their digital footprint it would improve their security posture and improve their organization’s risk reporting score.

—–

Digital Footprint Risk Reporting allows security leadership to understand trends with regard to risk and security posture over time; they will be able to see tangible results from their investment in digital threat management.