Exposure Mangement Console

DataBee’s Exposure Management Console provides quick insights into the assets in your environment and the vulnerabilities associated with those assets. Navigate to the Console tab on the DataBee platform’s header. In the drop-down, select Exposure Management. It is broken up into three sections: Device Insights, Application Insights, and Vulnerability Insights.

Device Insights

The Device Insights section in DataBee’s Exposure Management Console provides accurate insights into the assets in your environment and helps to keep your device inventory up-to-date and contextualized. Bringing clarity about devices in your environment enables your business to enhance its security coverage, reduce manual processes, increase alert accuracy, and more rapidly identify owners of orphaned devices.

Active Devices Observed

The Active Devices Observed widget reports the count of active device(s) observed by DataBee’s Entity Resolution over the chosen time period in the past. Entity Resolution should begin observing devices within 1 hour of ingesting data from any of the configured data sources for Entity Resolution. Hovering over the points in the graph will give you specific details regarding the count of active devices, date, and time.

Users with Most Devices

The Users with Most Devices widget reports the users, and the corresponding device count associated with that user over the chosen time period in the past. Entity Resolution begins observing users and devices within 1 hour of ingesting data from data sources that provide ownership information such as a CMDB.

Potential Device Owners

The Potential Device Owners widget reports the devices and their possible owners over the chosen time period in the past. Potential owners are determined using DataBee’s owner discovery feature. Additional details about the device or the owners may be reviewed by clicking on the respective names.

Devices without Owners

The Devices without Owners widget reports the total number of active devices without an owner association over the chosen time period in the past. The widget also indicates whether this number is increasing/decreasing and by how much.

Application Insights

The Application Insights section in DataBee’s Exposure Management Console allows for more accurate insights into the applications in your environment and helps to keep your application inventory up-to-date and contextualized. Bringing clarity about applications in your environment enables your business to enhance its security coverage, reduces manual processes, increases alerts’ accuracy, and more rapidly identify owners of orphaned and/or vulnerable applications.

Potential Application Owners

The Potential Application Owners widget leverages DataBee’s Entity Resolution to suggest possible owners for unassigned applications. Entity Resolution logically assigns potential owners based on factors such as associated devices and user interactions. Additional details about the application or the owners may be reviewed by clicking on the respective names.

Devices with Most Applications

The Devices with Most Applications widget conveys the devices running the highest number of applications. This widget can provide visibility into where risk may be concentrated in your organization. For example, if a device hosts significantly more applications than most, one may wish to take priority in ensuring that device receives patches.

Applications with the Most Vulnerabilities

The Applications with the Most Vulnerabilities widget conveys which applications have the highest count of un-remediated vulnerabilities. This can assist in the effective prioritization of remediation as well as understanding where risk may be concentrated in your environment.

Applications without Owners

The Applications without Owners widget reports the total number of active devices without an owner association over the chosen time period in the past. The widget also indicates whether this number is increasing/decreasing and by how much.

Vulnerability Insights

The Vulnerability Insights section in DataBee’s Exposure Management Console provides the opportunity to operationalize your DataBee Vulnerability Findings to improve your remediation SLAs and overall security posture. View the vulnerabilities affecting your organization through a wide lens, enabling you to know what you own, reduce unassigned findings, and prioritize remediation by risk.

Most Common Vulnerabilities

The Most Common Vulnerabilities widget highlights the vulnerability most frequent to your organization. In this widget, DataBee highlights a frequently seen CVE, its corresponding severity rating, and then displays a numerical tally of how often it appears in your organization.

Vulnerability Findings by Severity

The Vulnerability Findings by Severity widget provides a way to immediately assess the number of vulnerabilities in your organization, grouped by severity level. View this insight in a bar graph format or as a pie chart.

Owners with Most Vulnerabilities

The Owners with Most Vulnerabilities widget provides insight into the number of vulnerabilities associated with users in your organization. This information can provide insight into the human barriers preventing the consistent administration of security policy and vulnerability patching across your organization. Utilize this information to improve cross-functional interactions by providing transparent data insights.

Threat Overview

The Threat Overview widget provides a visual way to understand the threat trends in your organization over time and in terms of severity. Follow the timeline to see counts of detections across a given time period, organized by color to display ranging severity levels. Above, view a high-level count of Detection Finding events grouped by severity aggregated over the configured time range for the widget.