Risk Score Widget

The Risk Score widget provides a visual representation of your organization's overall cyber risk score, as well as the risk scores for specific environments or asset groups within the organization. It illustrates how cyber risk is being mitigated and displays the reduced risk score when vulnerabilities in a group of assets are addressed. Trending details enhance the visualization of risk reduction.

This widget demonstrates how different teams across the organization are performing and how effectively they are managing cyber risk to remain within acceptable limits. The risk score shown is the average of all TruRisk scores associated with the selected tag. If no tag is selected, the average for all assets within the environment is calculated to represent the overall cyber risk for the organization.

Creating Risk Score Widgets to Track TruRisk™

The most effective way to visualize risk throughout the organization is to utilize the Qualys Unified Dashboard and TruRisk Score widgets. These widgets enable organizations to quickly quantify risks within their infrastructure, identify high-risk assets, mitigate those risks, and monitor risk reduction over time.

You can use the TruRisk Score widget type to show data based on the risk score of the assets in your environment. By narrowing down the scope of the assets, you can also calculate the risk score for a specific subset of assets within your environment.

Watch this to learn how to create a Risk Score widget. Detailed steps are also provided below. 

Perform the following steps to view the overall visibility of your organizational risk score:

1. On the dashboard, click the Add Widget button. The widget library is displayed.
2. Click Build your widget.
3. On the right pane, select the TruRisk Score widget.
4. On the left pane, select Vulnerability Management application.
5. Provide a Widget Name. Optionally, to display the widget description, select the Show description on widget checkbox.
6. Click Query Settings.
7. In the TruRisk Score, choose Asset Query or Vulnerability Query.
8. Optionally, you can click Advanced Settings and enable the Contributing Factors to view the contributing vulnerabilities and total assets.
9. Click Display Settings and select the color you want to reflect on the TruRisk Score meter; this color only applies to the TruRisk Score meter. 

   The color chosen in the Display Settings does not change the colors of the Contributing Factors.

You can view the preview of the widget and configure the parameters as per your requirements. Click Add to Dashboard to complete widget creation and view the widget on the dashboard.

The Dashboard helps visualize the riskiest assets and vulnerabilities based on QDS and TruRisk Score to make informed choices about mitigating the risk to your environment.

Risk Score Widgets Examples

Assess TruRisk for External Assets

Create a widget with QQL:

tags.name:Shodan or tags.name:external or tags.name:`EASM`,`Shodan`,`Internet Facing Assets`

Enable trending and contributing factors

You can further slice these numbers based on geographic location, business units to quickly assess the risk of prioritizing remediation efforts.

View TruRisk™ Score based on Tags

Create a Table widget using QQL:

tags.name:agent

Add multi-grouped of Tags and TruRisk™

Create High Value vs High-Risk Asset Widgets

You can analyze the critical assets you have how many have the critical risk score. 

Top Vulnerabilities to Prioritize

We recommend organizations prioritize critical vulnerabilities on high-value assets first.

Create a query to identify vulnerabilities in Asset Query using QQL:

criticalityScore>=4 or riskScore>=700 and in

Vulnerability Query Configuration

Create a widget using QQL:

vulnerabilities.detectionScore>90 and vulnerabilities.typeDetected:confirmed

There are different sets of widgets you can create to make your dashboard more effective, which provides you with a complete track of the risk across your organization.