Dashboard

On this page you will find information regarding the Dashboard.

Overview

With the distributed software components Pulsar Agent, Observer, Watchdog and Hacktor, Enginsight lets you collect diverse and in-depth analyses about the security state of your entire IT infrastructure. The dashboard takes on the task of aggregating the analysis data globally to make it immediately accessible. This allows you to see the most important results at a glance and identify where the most urgent need for action is.

You can customize the start and end periods of the statistics displayed according to your preferences. To do this, use the options in the top right-hand corner. There you will also find a button to reset the zoom.

Assets and licenses

You get an overview of the number of hosts and endpoints you monitor with Enginsight, as well as the Observations performed with the Watchdog. You can also see how many free licenses you have left to monitor additional assets and whether you need to adjust your license quotas soon.

The vulnerabilities section of the dashboard informs you about the known vulnerabilities (CVEs) on your hosts as well as your endpoints. You get a list of the five applications most frequently affected by CVEs in your IT environment. You should place a special focus on this software and, if necessary, reconsider its patch management.

In addition, Enginsight gives you an evaluation of the trend in the security state of the monitored hosts and endpoints. We break down the number of vulnerabilities found according to their urgency. The chart not only helps you correctly assess the security state of your IT. It also shows you how effective your targeted interventions are.

Security vulnerabilities: risk score and scatterplot

The risk score helps you identify the most vulnerable assets in your IT environment. It is calculated using the Common Vulnerability Scoring System (CVSS) and the number of CVEs present.

The scatterplot, a cloud of dots, represents this graphically: the assets in the upper right corner are those where the most work, and the most urgent work, is waiting for you. The further down and to the left an asset is, the fewer (critical) security gaps it has. The scatterplot thus gives you an estimate of the distribution of security gaps.

In addition to the scatterplot, you can also see the assets that are most at risk according to the risk score in the adjacent list.

Network Anomalies

Here you get a first evaluation of the attacks detected by the analysis of the network traffic. The pie charts give you an overview of the most frequently occurring attacks and the assets most affected by attacks. Check whether you can restrict access to the relevant systems to minimize the attack surface (e.g., close ports, adjust firewall configuration).

You can see from the trend how the attacks develop over time. We differentiate here according to urgency: High, Medium and Low. Pay particular attention to sudden changes. These indicate a security-critical configuration change or even successful infiltration of your IT environment.

For more detailed intrusion detection results, see Hosts → Network Anomalies.

Audits

Get the results of the penetration tests you have performed. The dashboard provides you with a pie chart of the most vulnerable target systems according to the risk score. In addition to detected CVEs, the other checks of the pentests are also included in the calculation of the risk score.

The display of urgencies shows whether the majority of the checks have been passed (ok), whether safety-critical results are available (low, medium, high, critical) or whether checks could not be performed (error). Here, too, you will see a chronological progression.

Activities

Under 'Activities' you will find a user log that helps you understand how Enginsight is used by team members. You can use the user log, for example, as a control instance or for troubleshooting. Use the filters of the search bar to track specific activities.

The user log contains the following actions:

| Action | Description |
| --- | --- |
| AUDIT_CREATED | A pentest was performed. |
| ALERT_CREATED | A pentest was created. |
| ALERT_UPDATED | An Alert was updated. |
| ALERT_REMOVED | An Alert was removed. |
| APPEASEMENT_CREATED | A user has performed an Appeasement (manual fix) (e.g. configuration, security vulnerability). |
| APPEASEMENT_DELETED | A user has deleted an Appeasement (manual fix) (e.g. configuration, security vulnerability). |
| ENDPOINT_CREATED | An Endpoint was created. |
| ENDPOINT_UPDATED | An Endpoint was updated. |
| ENDPOINT_REMOVED | An Endpoint was removed. |
| GROUP_CREATED | A group of team members was created. |
| GROUP_UPDATED | A group of team members was updated. |
| HACKTOR_CREATED | A Hacktor was created. |
| HACKTOR_UPDATED | The settings of a Hacktor were adjusted or the version was updated. |
| HACKTOR_REMOVED | A Hacktor was removed. |
| HOST_CREATED | A Host was created. |
| HOST_UPDATED | A Host was updated. |
| HOST_REMOVED | A Host was removed. |
| OBSERVER_CREATED | An Observer was created. |
| OBSERVER_UPDATED | The settings of an Observer were adjusted or the version was updated. |
| OBSERVER_DELETED | An Observer was deleted. |
| PLUGIN_CREATED | A Plugin was created. |
| PLUGIN_UPDATED | A Plugin was updated. |
| PLUGIN_DELETED | A Plugin was deleted. |
| PLUGIN_SCHEDULED_CREATED | The execution of a plugin was scheduled. |
| PLUGIN_SCHEDULED_UPDATED | The scheduled execution of a plugin was updated. |
| PLUGIN_SCHEDULED_DELETED | The scheduled execution of a plugin was deleted. |
| ROLE_CREATED | A role for users was created. |
| ROLE_UPDATED | A role for users was updated. |
| ROLE_DELETED | A role for users was deleted. |
| TARGETGROUP_CREATED | The target systems for a pentest were defined. |
| TARGETGROUP_UPDATED | The target systems for a pentest were updated. |
| TARGETGROUP_DELETED | The target systems for a pentest were deleted. |
| USER_CREATED | A new User was created. |
| USER_UPDATED | The settings of a user have been updated. |
| USER_REMOVED | A User was removed. |
| USER_LOGGED_IN_SUCCESSFULLY | A user has successfully logged in. |
| USER_LOGGED_IN_UNSUCCESSFULLY | The login of a user has failed. |
| USER_PASSWORD_CHANGED | The password of a user has been changed. |
| WATCHDOG_CREATED | A Watchdog was installed. |
| WATCHDOG_UPDATED | The settings of a Watchdog were adjusted or the version was updated. |
| WATCHDOG_REMOVED | A Watchdog was removed. |
| WEBHOOK_CREATED | A Webhook was created. |
| WEBHOOK_UPDATED | A Webhook was updated. |
| WEBHOOK_DELETED | A Webhook was deleted. |
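Using the user log as a control instance can be partly automated. The following is an added example, not part of the Enginsight documentation or product: it triages user-log records for a successful login that follows a burst of failed ones, and for changes that reduce monitoring or alter access. The record layout (`time`, `user`, `action`), the choice of review-worthy actions and the thresholds are assumptions of this example; only the action names come from the table above.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Action names come from the table above; which ones deserve review is this
# example's choice, as is the record layout (time, user, action).
REVIEW_ACTIONS = {
    "APPEASEMENT_CREATED": "finding manually marked as fixed",
    "ALERT_REMOVED": "alerting reduced",
    "HOST_REMOVED": "asset no longer monitored",
    "ROLE_UPDATED": "permissions changed",
    "USER_CREATED": "new account",
    "WEBHOOK_CREATED": "new outbound integration",
}

def triage(events, threshold=3, window=timedelta(minutes=10)):
    """Return (kind, user, time, detail) tuples for records worth a second look."""
    findings = []
    failures = defaultdict(list)  # user -> times of failed logins since last success
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        ts = datetime.fromisoformat(ev["time"])
        user, action = ev["user"], ev["action"]
        if action == "USER_LOGGED_IN_UNSUCCESSFULLY":
            failures[user].append(ts)
        elif action == "USER_LOGGED_IN_SUCCESSFULLY":
            # Only failures close to the successful login count as a burst.
            recent = [t for t in failures.pop(user, []) if ts - t <= window]
            if len(recent) >= threshold:
                findings.append(("login_after_failures", user, ev["time"],
                                 f"{len(recent)} failed logins before success"))
        elif action in REVIEW_ACTIONS:
            findings.append(("review_change", user, ev["time"],
                             f"{action}: {REVIEW_ACTIONS[action]}"))
    return findings

def _ev(time, user, action):
    return {"time": f"2024-05-06T{time}", "user": user, "action": action}

# Constructed sample records, not real Enginsight output.
SAMPLE = (
    [_ev(f"08:00:{s}", "alice", "USER_LOGGED_IN_UNSUCCESSFULLY") for s in ("05", "20", "45")]
    + [_ev("08:01:10", "alice", "USER_LOGGED_IN_SUCCESSFULLY"),
       _ev("08:03:00", "alice", "WEBHOOK_CREATED"),
       _ev("08:05:00", "alice", "APPEASEMENT_CREATED"),
       _ev("07:00:00", "bob", "USER_LOGGED_IN_UNSUCCESSFULLY"),
       _ev("09:00:00", "bob", "USER_LOGGED_IN_SUCCESSFULLY"),
       _ev("09:02:00", "bob", "HOST_UPDATED")]
)

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep=" | ")
```

A login that succeeds after repeated failures and is followed shortly by a new webhook or an Appeasement is the sequence to review first, since those changes affect where data is sent and which findings remain visible.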
