The New CyberFOCUS Initiative Report is Available Now

Reporting often feels like a tedious checkbox task for IT admins, but it's crucial to be able to demonstrate accountability, remediation effectiveness, and improvements in security posture. Currently, the process is bogged down by tracking individual CVEs and limited visibility into areas of vulnerability remediation progress. This creates a disconnect between security teams requesting remediations and IT operations teams implementing them, ultimately elongating vulnerability resolution time and leaving potential security gaps unaddressed.

What is the CyberFOCUS Initiative Report?

The new CyberFOCUS Initiative Report is a new report that tracks groups of vulnerabilities as CVEs and reports the prevalence of those CVEs in specified parts of your environment. It’s included in the capabilities provided by HCL BigFix CyberFOCUS Security Analytics which is delivered as part of HCL BigFix Lifecycle, BigFix Compliance, and BigFix Remediate. The Initiative Report does this by utilizing initiatives and super groups.

An initiative is a collection of CVEs that make up a vulnerability mitigation or patching campaign. An initiative allows organizations to measure vulnerability exposures across a set of CVEs you provide, or it will use one of the built-in initiatives.

A super group is a collection of computer groups taken from your HCL BigFix environment. Computer groups within the super group can be given an alias for easy readability in the report and the same computer group can be used in multiple super groups. Use super groups to see your exposure risk for an initiative. For example, if I have each of my office locations set up with their own computer groups, I can set up a super group containing all of the locations and easily view which offices have the largest exposure.

The initiative report can be utilized in a variety of ways. Use it to track and report on the progress of vulnerabilities remediations requested by the Security Ops team. Use it to compare remediation performance across different patch teams to create some healthy competition. Use the report to identify teams that may need additional help or staff in order to reduce patch time.

Key Features of the Initiative Report

The main graph of the report lists the number of devices that are exposed to the various CVEs found by computer group. Click on any of the CVEs to view more information about that vulnerability in the bottom section.

Below the graph is the summary table showing the exposure count totals by computer groups by country. The table provides an easy way to understand the vulnerability exposures and exposure density in each computer group.

Below that is the drilldown for a specific CVE where you can select the fixlets that are applicable, various information about that fixlet and vulnerability, and click through to see the applicable machines. This information can then be taken to begin remediation.

Try it Now!

The CyberFOCUS Initiative Report is a powerful and versatile tool that can help organizations of all sizes improve their cybersecurity posture. By providing clear and concise insights into vulnerability exposure, remediation progress, and team performance, the Initiative Report enables IT admins to make informed decisions, streamline operations and reduce risk.

Whether you're looking to track the progress of a remediation campaign, identify areas for improvement, or simply gain a better understanding of your organization's vulnerability landscape, the Initiative Report is a powerful tool. By leveraging the power of this report, you can take control of your cybersecurity efforts and achieve better outcomes through collaboration across IT Operations, Security Operations and the C-Suite.

Users may access the new Initiative Report from the CyberFOCUS Analytics dashboard. If you are not a current HCL BigFix user, let us show you CyberFOCUS Security Analytics including the new Initiative Report. Request a demo today!