We know that dashboards can be pretty powerful, a good dashboard can, for some roles, be all you need to utilize a tool. With that in mind we have set out to make our dashboard better and more usefull. In this release we are introducing some new cards and updating existing ones.
The ‘Average Score’ card provides an overview of the overall state of your assets. We wanted to make it more useful, so we expanded it to include a graph of changes in the past 14 days. Now it can help you recognize trends e.g., sudden spikes or drops in the asset's score can indicate an unusual event.
The 'Monitored Assets' card was meant to provide an overview of how many of the assigned assets are also actively monitored,
but the reality turned out to be that most if not all of the assigned assets were also actively monitored rendering this card static.
Now this card represents the distribution of Assigned, Monitored and Discovered assets.ֿ
You might have noticed that there is something missing from the Dashboard screen and that is the Vectors feed.
We realized that it mostly isn’t being used and that it was prime dashboard real estate that was going to waste.
Instead, we moved the ‘Vulnerable Assets' card their and renamed it ‘Verified Vectors’ and added its counterpart the 'Archived Vectors' card.
MTTR is an important metric, it represents how long it takes on average to remediate vectors.
The card calculates how long has passed from the date the vector was first found to when it was last seen.
Only archived vectors are calculated.
We added native integrations to Slack and Teams for you to send the data collected by the playbook as a Slack or Teams message. From now on every playbook trigger will have two new endpoints:
Selecting one of these options will provide you with a field to enter a webhook that needs to be generated by Slack or Teams, respectively.
Custom HTTP headers allow you to add a signature to scans so that you can easily identify them. For example, adding "X-Scanned-By: ULTRARED" will include this header in all HTTP requests. This same functionality can be used to perform authorized scans that would otherwise get blocked (e.g: error 401, 403, etc.). Adding a bearer token is a good example for that - including session or token information will essentially turn ULTRARED's "black-box" approach into a "white-box" one. Scans will be able to continue instead of stopping on login pages providing you with a scanner that is customizable to your assets.
Custom headers can be added from the Scan Setting page in the Configurations menu.