NodeZero Insights

Overview

NodeZero Insights gives you organization-wide visibility into your security posture so you can prioritize better, prove impact, and deliver strategic executive reports. The streamlined dashboard gives you aggregate and trend data from all tests you run with NodeZero autonomous pentesting. With this information, security leaders can prioritize mitigation efforts, prove the impact of discovered weaknesses and exploits, and deliver a summary report to their executive stakeholders.

  • Visualize Attack Surface Evolution: Identify systemic blind spots and validate control effectiveness to ensure measurable progress.
  • Monitor Security Progress: Track critical metrics, such as mean-time-to-remediation (MTTR), to quantify improvements over time.
  • Analyze Weakness Trends: Deep dive into vulnerability types and severities, prioritizing fixes for maximum impact.
  • Proactively Identify Risks: Address organization-wide issues like outdated security controls and misconfigurations to prevent future threats.

Dashboard Sections

Open Weaknesses Over Time

This section shows the unmitigated weaknesses across the entire organization as reported from NodeZero pentests. Each data point on the graph shows the total number of open weaknesses reported from all the pentest operations that were completed on that day. Users can visualize the data over 1-month, 3-month, 6-month, and 1-year periods. The list at the right of the graph summarizes counts of Open Weaknesses, Assets Discovered, and Assets at Risk as of today, as well as the percentage change over the selected time period. An “Asset at Risk” is any unique asset that has at least one open weakness associated with it. Trend percentages are shown in red for metrics that are increasing but should be decreasing to improve the risk posture of the organization.

An example graph showing a trend of open weaknesses over time.

Users can see the open weaknesses separated by severity by changing the chart type in the selector. This graph shows the relative contribution of each weakness severity type to the overall open weakness trend along with the associated trends across the selected time period.

An example graph showing trends of open weaknesses over time, broken out by severity.

Users can also see the open weaknesses separated by type. This graph shows the relative contribution of each weakness type to the overall open weakness trend along with the associated trends across the selected time period.

An example graph showing trends of open weaknesses over time, broken out by weakness type.

Unverifiable Weaknesses

The majority of weakness types that are discovered and reported with NodeZero can be reported as mitigated once the user has taken some mitigation action and has run either a 1-click-verify operation or any incremental pentest operation. For the verifiable weakness categories, Insights will report open weaknesses as closed once the mitigation action is confirmed and tested. For the unverifiable categories, open weaknesses will continue to be reported as open in the Insights charts. Users have the option to include unverifiable open weaknesses in the Insights dashboard sections for the sake of completeness when reporting trends.

A switch controlling the unverifiable weakness setting.

Attack Paths Over Time

This chart shows the open attack paths (or impacts) reported as of each pentest operation over time. Users can choose to visualize the data across 1-month, 3-month, 6-month, and 1-year time periods. The list to the right of the graph shows the top 5 most severe open attack path types, with the most severe type listed at the top, along with the associated trends. Trend percentages are shown in red for metrics that are increasing but should be decreasing to improve the risk posture of the organization.

An example graph showing a trend of attack paths over time.

Remediation Summary

In this section, users track distributions of key metrics that indicate the overall open weakness backlog and, through mean-time-to-remediation (MTTR), the remediation velocity across all weakness severities. Open Weaknesses by Severity shows the distribution of current open weaknesses by severity, with the weaknesses that are in the unverifiable category separated into their own histogram. Open Weaknesses by Age shows the distribution of the current open weakness backlog by how long the weakness has been open. For example, there could be weaknesses that were discovered within the last day or between the last day and 6 months ago. Mean Time to Remediation shows the average number of days the organization took to remediate open weaknesses, for each severity type. This is visualized with a graph showing historical MTTR over a selectable time range. The current MTTR for each severity level is shown to the right.

A graph and histograms relating to remediation statistics.

CISA KEV Filter

Users can track their remediation efforts for CISA Known Exploited Vulnerabilities (KEV) using the toggle switch near the top of this section.

An example of using the CISA KEV filter to limit the remediation statistics to only that type of weakness.

When enabled, the MTTR graph and Open Weakness charts will reflect CISA KEV weaknesses only. This allows organizations to prioritize remediation efforts towards known exploits.

Pentest Series Analysis

This section shows an overview of the active scheduled pentest templates the organization has configured, along with the resulting attack paths after completion of each pentest operation in the series. Users can select 1-month, 3-month, 6-month, and 1-year time periods, and each data point shows the number of open attack paths reported. Users can also see a list of upcoming scheduled pentests for each template.

Several small graphs corresponding to the pentest series results for this organization.

To see further details on the numbers of each data point and information on other metrics like credentials compromised, users can click on the “View Details” button and then “View Trend” for a specific pentest series:

An example of viewing the details for all pentest series in the organization.

An example of viewing the details for one pentest series.

Systemic Issues

This section shows a 6-month trend of organization-wide security gaps that contribute to your overall attack surface. An “x” in a row denotes that the respective systemic issue is still open in the organization’s attack surface, while a “-” means that the issue was not detected. With the last 6 months split into two 3-month time periods, organizations can see whether company-wide policy changes and initiatives are working to close these gaps in their risk posture. Users can also click on each open issue to see remediation guidance.

An example table containing Systemic Issues results.