DSALTA

Overview of the Risk History Dashboard

The Risk History tab provides a log of all past and present security findings for a specific vendor. This gives you a clear and historical view of their security posture.

The dashboard helps you understand trends, identify recurring issues, and track remediation efforts.

- The Risk History tab provides a log of all past and present security findings for a specific vendor. This gives you a clear and historical view of their security posture.
- The dashboard helps you understand trends, identify recurring issues, and track remediation efforts.

- At the top of the page, you'll see a summary of the total number of findings categorized by severity: Critical, High, Medium, and Low.
- This provides a quick snapshot of the current state of the vendor's security posture and the distribution of risk.

- The main table lists all the individual findings. Each row represents a specific security issue.
- Finding: A concise description of the security issue (e.g., "Revoked certificate in use," "DMARC policy is private").
- Risk: A description of the potential risk associated with the finding (e.g., "Susceptible to man-in-the-middle attacks," "Emails can be fraudulently sent").
- Category: The security category the finding belongs to (e.g., Encryption, Email, Website).
- Status: The current status of the finding (e.g., Passed, In Remediation, Failed).
- Assets: The number of assets affected by this finding.
- First Detected: The date when the finding was first identified.

- Prioritize: Use the severity summary to focus on the most critical risks first.
- Track Remediation: Monitor the "Status" column to see which issues have been addressed and which are still pending.
- Investigate: Click on any finding to view its detailed history and additional information.

1. Risk Severity Summary:
 - At the top of the page, you'll see a summary of the total number of findings categorized by severity: Critical, High, Medium, and Low.
 - This provides a quick snapshot of the current state of the vendor's security posture and the distribution of risk.
2. Risk Details Table:
 - The main table lists all the individual findings. Each row represents a specific security issue.
 - Finding: A concise description of the security issue (e.g., "Revoked certificate in use," "DMARC policy is private").
 - Risk: A description of the potential risk associated with the finding (e.g., "Susceptible to man-in-the-middle attacks," "Emails can be fraudulently sent").
 - Category: The security category the finding belongs to (e.g., Encryption, Email, Website).
 - Status: The current status of the finding (e.g., Passed, In Remediation, Failed).
 - Assets: The number of assets affected by this finding.
 - First Detected: The date when the finding was first identified.
3. Using the Dashboard:
 - Prioritize: Use the severity summary to focus on the most critical risks first.
 - Track Remediation: Monitor the "Status" column to see which issues have been addressed and which are still pending.
 - Investigate: Click on any finding to view its detailed history and additional information.

___________________________________________________________

From the Risk History dashboard, click on any finding to open the detailed risk view, as shown in the visual.

This detailed view provides all the information you need to understand, communicate, and manage a specific security risk.

- From the Risk History dashboard, click on any finding to open the detailed risk view, as shown in the visual.
- This detailed view provides all the information you need to understand, communicate, and manage a specific security risk.

- Finding: A clear heading describing the issue (e.g., "SSL not available").
- Manage: The "Manage" button allows you to take actions, such as updating the status of the finding or assigning it to a team member.
- Severity: The severity level of the risk (e.g., "Critical").
- Category: The security category it falls under (e.g., "Encryption").
- First Detected: The date when the issue was first found.
- Assets Affected: The number of assets impacted by this risk.
- Status: The current status of the finding (e.g., "Failed").

- Summary: Provides a detailed, technical explanation of the finding, its potential impact, and why it is a security concern.
- Risk Details: Offers a more in-depth description of the risk, its potential consequences, and what it means for your organization.
- Recommended Remediation: Suggests specific steps or actions that the vendor can take to fix the issue. This is crucial for guiding the remediation process.
- Affected Assets: Lists the specific domains, subdomains, or IP addresses that are impacted by this finding. This helps the vendor pinpoint exactly where the problem lies.

- Use this detailed information to create a remediation plan with your vendor.
- Share the recommended remediation steps directly with them to help them address the issue efficiently.

1. Risk Details Panel:
 - Finding: A clear heading describing the issue (e.g., "SSL not available").
 - Manage: The "Manage" button allows you to take actions, such as updating the status of the finding or assigning it to a team member.
 - Severity: The severity level of the risk (e.g., "Critical").
 - Category: The security category it falls under (e.g., "Encryption").
 - First Detected: The date when the issue was first found.
 - Assets Affected: The number of assets impacted by this risk.
 - Status: The current status of the finding (e.g., "Failed").
2. Detailed Information Sections:
 - Summary: Provides a detailed, technical explanation of the finding, its potential impact, and why it is a security concern.
 - Risk Details: Offers a more in-depth description of the risk, its potential consequences, and what it means for your organization.
 - Recommended Remediation: Suggests specific steps or actions that the vendor can take to fix the issue. This is crucial for guiding the remediation process.
 - Affected Assets: Lists the specific domains, subdomains, or IP addresses that are impacted by this finding. This helps the vendor pinpoint exactly where the problem lies.
3. Taking Action:
 - Use this detailed information to create a remediation plan with your vendor.
 - Share the recommended remediation steps directly with them to help them address the issue efficiently.

Learn how to use the Risk History dashboard to get a clear view of all misconfigured controls across your vendors.

Vendor - Risk History

DSALTA Framework®

Help Center

Footer

Back to app

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Vendor - Risk History

Overview of the Risk History Dashboard

Accessing Risk Details