CSF Audit Summary (Explore)

This dashboard provides organizations with information which specifically measures against the compliance standards related to the Cybersecurity Framework (CSF or Framework) established by NIST.  The CSF is a risk-based approach to managing cybersecurity risk, developed to improve cybersecurity risk management. The CSF provides guidance based on existing standards, guidelines, and practices, which can be tailored to specific organizational needs. 

Multiple subcategories within the CSF functions address the complete management of vulnerabilities, from identification to remediation. This dashboard provides a high-level overview of an organization's vulnerability management program and can assist the organization in identifying vulnerabilities, prioritizing remediations, and tracking remediation progress. Analysts can also use this dashboard to easily drill down into the data presented by the dashboard components. This enables the analyst to gain more detailed information about the vulnerabilities found on the network, such as which vulnerabilities are the most dangerous. The analyst can also determine information that will benefit vulnerability mitigation. This information might include on which hosts a vulnerability is found and what remediations would most benefit a particular group of machines. Knowing these details can enable better and more efficient vulnerability management, patching, and mitigation within the organization.

Tenable provides several solutions for organizations to better understand vulnerability management. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Vulnerability Management (formerly Tenable.io) discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirements for this dashboard are: Tenable Vulnerability Management.

Widgets:

• Framework Result Summary - This widget provides compliance results (Passed, Warning, Error, Failed) results related to the CSF established by NIST.
• Control Summary - This widget provides compliance results for each control family within the compliance standard. Each family displays information highlighting the result count and a bar chart displaying a visual overview of the results.
• Audit Check Type Summary - This widget provides compliance results for Windows and Unix hosts related to the CSF established by NIST. The rows display information highlighting the result count and a bar chart displaying a visual overview of the results.
• Detect - This widget provides details on each of the compliance controls for the compliance family group being referenced. The compliance control reference number is followed by a count, and compliance result for the compliance control.
• Identify - This widget provides details on each of the compliance controls for the compliance family group being referenced. The compliance control reference number is followed by a count, and compliance result for the compliance control.
• Protect - This widget provides details on each of the compliance controls for the compliance family group being referenced. The compliance control reference number is followed by a count, and compliance result for the compliance control.
• Recover - This widget provides details on each of the compliance controls for the compliance family group being referenced. The compliance control reference number is followed by a count, and compliance result for the compliance control.
• Respond - This widget provides details on each of the compliance controls for the compliance family group being referenced. The compliance control reference number is followed by a count, and compliance result for the compliance control.