Help Center: Active Monitoring

Active Monitoring is a comprehensive dashboard that provides users one stop view of each System's risk status as it relates to the most recent scanning data imported into the system as it relates the device security, security categorization, and policy.

Base Risk Level

The Risk Level of the system using only the average Nessus Risk Level of its findings.

Mitigated Risk Level

This is the risk level of the mitigation factor.

Impact Risk Level

This is the Risk Level of the CIA configuration.

Overwatch Risk Level

Overwatch Risk Level is the Risk Level of the Base Risk after you factor in all of the Overwatch Alerts.

Overwatch alerts are visible on the lefthand side of the Active Monitoring screen. They represent the different types of escalation that Active Accreditation applies to the score.

Screenshot of alerts

The current types of Overwatch alert are:

  • Stale Data – Stale data alerts occur for each threshold of the "Stale Data Threshold" of the Organization that has been crossed.
  • Review – Review alerts occur when a manual review is not marked as complete prior to the date.
  • Vulnerability – Vulnerability alerts occur for vulnerabilities that are found via the Nessus scans that are not marked as mitigated or false positive prior to crossing a threshold of the Organizational Defined parameters for Vulnerability escalations.
  • No Data – This alert appears when you have no data in the system.

The score determines the sort order on Active Monitoring. The score is the formula for Active Accreditation that helps you prioritize your vulnerabilities.

Score Formula

If Device is unidentified it will be (Base Risk Level * 10^3).
If Device is Identified it will be Base Risk Level + Impact Risk Level + Mitigation Risk Level + Overwatch Risk Level.

Device Record Details

You can drill into each device to view the vulnerability records by clicking on the list item icon.

Photo of Device Details icon

From here you can view all the Nessus records that have been imported into the system for that device. You can also click either the placeholder icon icon or the placeholder icon icon to mark as mitigated or false positive.