Dashboard is the default view or landing page that appears after you log in. The dashboard provides a variety of information depending on the selected widgets.
To access the dashboard from any screen, go to the Main Menu > Dashboard.
SIRP allows you to configure your own dashboards as per your requirements.
SIRP comes with a pre-defined list of ready-to-use dashboards. Following are the dashboards currently available in SIRP:
Artifacts or IOCs are important pieces of information that consist of actionable evidence collected during an investigation e.g. IPs, hashes, usernames, email addresses, email headers, etc. SIRP provides you with a dashboard to keep track of important statistics about all your artifacts. You can access the Artifacts dashboard by selecting Main Menu, clicking on Dashboard, and then selecting Artifacts from the Dashboards dropdown list.
Incidents dashboard provides a collection of graphs and charts, illustrating a high-level picture of all the Incident Management related activities.
To access the Incidents dashboards, go to Main Menu, click on Dashboard and select Incidents rom the Dashboard dropdown list.
The Automation dashboard provides you statistics related to the automation tasks executed either directly or through a playbook. This particular dashboard is helpful in analyzing your cost savings and ROI based on amount of analyst hours saved through automation.
To access this Automation dashboard, go to Main Menu, click on Dashboard, and select Automation from the dashboard dropdown list.
Threat intelligence provides actionable data about threats and threat actors that help mitigate harmful events in cyberspace. The Threat Intelligence dashboard allows greater visibility across the threat landscape via Advisories and threat stats from different security controls. With easy-to-use charts and graphs, SIRP aggregates threat data specific for your environment in a way that is actionable and meaningful for you and your team.
To access the Threat Intelligence dashboard, go to Main Menu, click on Dashboard, and select Threat Intelligence from the Dashboard dropdown list.
Vulnerabilities in the system represent a collection of weaknesses that can cause a successful attack or a security breach. The Vulnerabilities dashboard presents statistics about all the vulnerability assessments done over time and enables the security team to prioritize remediation activities.
To access the Vulnerabilities dashboard, go to Main Menu, click on Dashboard, and select Vulnerabilities from the Dashboard dropdown list.
The KPI (Key Performance Indicators) dashboard provides a quick glance at the performance metrics of your security operations efforts. Using the KPI dashboard, the SOC manager, CISO, and the incident response team can keep a check on their performance and focus on factors that need improvements.
To access the KPIs dashboard, go to the Main Menu, select Dashboard, and click on KPIs from the Dashboard dropdown list.
To respond to an incident, inter-department communication requires a lot of queries and repeated follow-ups. SIRP simplifies the process of such end-to-end communication using a dedicated module called Cases. The security team can open cases to handle a variety of issues like an incident, a vulnerability, a threat advisory, or a risk. The Cases Dashboard provides a graphical visualization of the case trends, categories, and status.
To access the Cases dashboard, go to the Main Menu, select Dashboard, and click on Cases from the Dashboard dropdown list.
SIRP Security Score
SIRP Security Score (S3) quantifies your organization’s “Threat Exposure” and assesses the internal and external attacks. SIRP’s Predictive Scoring System (SPSS) uses more than 25 unique factors in a model to predict the probability of a successful attack or possible operation. This scoring system also identifies the areas in the security system that must be given the highest remediation priority.
To access the S3 dashboard, go to the Main Menu, select Dashboard, and click on the SIRP Security Score from the Dashboard dropdown list.
SIRP allows you to customize the existing dashboards as well as create your own dashboards. To view the list of available dashboards, click on the + icon provided at the top right corner of the dashboard page.
The next page will show you the list of existing dashboards along with the option to add a new dashboard of your own.
Click on Create Dashboard button displayed at the top of the page to create a new dashboard. A popup form will appear containing two fields. Enter the Name and Description of the new dashboard then click the Create button to save the changes.
The SIRP dashboards are simply the collection of different widgets arranged in a defined order, where each widget provides a different piece of information. You can customize any of the existing or newly created dashboards by adding or removing the widgets.
Simply click on the Edit Dashboard button in the collection dashboards
Clicking on the button will take a menu that contains the library of all available widgets. The widgets are divided into multiple categories (Incidents, Vulnerabilities, Threat Intelligence, Asset Management, Dashboards & Widgets, Risk Management, Automation, and Case etc) depending on the type of information they display.
You can add by clicking the Add button adjacent to the widgets listed in the library.
You can remove widgets from your dashboard by clicking on cross in the upper right corner of the widget.
Once you have made the required changes there is no need to save as the changes are saved automatically
Drag and Drop
Dashboards play a key role in representing the security metrics or KPIs for managing or monitoring a process. With the drag-and-drop feature, you should be able to customize your dashboard layout as you prefer. The data can be mostly represented using data visualizing interacting widgets like charts, maps, graphs, grids, and more.
The information and statistics provided on different dashboards can be filtered by choosing a date range from the date filter available at the top left corner.