The UpGuard Home Page provides a summary of the node scan history, changes, policy checks, and external website scans that have occurred over the last ten days. It provides an indicator of the health of your environment, and a place from which to identify potential issues. For Infrastructure Operations, this may be unexpected or unapproved changes, as well as changes that cause policies to fail. For Security Operations, it may be a descrease in the Cyber Risk score. For an IT Manager, it may simply be a fall in the overall CSR score.

homepage

Online Help

The page has an integrated help system which is accessed by clicking on the ‘i’ icon for each section.

Near the top right corner of the page is a “Quick Links” menu which provides a quick way to access commonly-used features and pages.

w200

Filtering the Displayed Information

When the Home Page is first loaded it includes information from every node in the organization. To narrow down the information displayed, the page can be filtered to show information from specific environments and node groups. If both an environment and node group filter are applied, the page will display information for the nodes that belong to that environment, and are also in the node group. This could be used for instance to show nodes in the “production” environment that are also in the “Windows Server” node group. Only one environment filter can be applied, but multiple node group filters can be applied. For instance, the previous example could be refined to show the nodes in the “production” environment that are in either the “Windows Server” or “SQLServer” node groups.

homepage

Overall CSR Score

UpGuard’s CSR, or Cyber Security Rating, provides an overarching measure of an organization’s security. The score is based on a comprehensive analysis of every server, network device, and cloud service in the environment, as well as external cyber risks such as the industry in which the organization operates. The score is the weighted average of four category scores - Changes, Policy Coverage, Policy Pass Rate, and Cyber Risks - across all selected environments and node groups. An overall CSR score that is low or falling may indicate a problem. Examine the four quadrants to identify which category requires further attention.

homepage

Use the color key below to assess your CSR score and the severity of any issues present in the environment.

w600

Node Scanning

The Node Scanning section provides a quick summary of how your nodes are scanning each day. It is important that all nodes are scanning daily so that you maintain visibility into your own systems as well as being able to report on other node statistics. For example, if a node fails to scan on a particular day then you won’t even be able to see if your policies are passing or failing for that day.

The Nodes Scanned graph shows the total number of nodes that scanned at least once on that day and had no failed attempts to scan. The Failures graph shows the number of nodes that had at least one failed attempt to scan for that day, regardless of how many successful scans it also logged.

w600

Changes

The Changes section of the page captures all changes that have recently occurred. The score is based upon the extent to which these changes can be validated by tests - a low score indicates a high amount of change without corresponding tests. The Changes summary information can be used to quickly identify changes that were not expected, especially when combined with Environment and Node Group filtering.

w600

Policies

The Policies section tracks an organization’s ability to maintain systems in a resilient state. To determine the Policies score, UpGuard first assesses test coverage. Without testing, there is no way to know that a system is misconfigured. You can increase your test coverage by writing custom policies or choosing from UpGuard’s content library. The more test coverage, the better the Policies score. UpGuard then calculates the pass rate for those tests. A high Policies score means the organization does a good job ensuring that systems are configured correctly. Policy failures should be investigated and remediated.

w600

External Cyber Risk

Scores for node changes and policies are calculated by examining the organization from within. The External Risk score captures risk from the outside. It encompasses a number of factors, including whether websites and communication infrastructure are configured securely, the nature of the industry in which the organization operates, and the even the sentiment of staff within the organization for all website nodes.

w600

Tags: csr