Home
CyberFOCUS Analytics
BigFix CyberFOCUS Analytics enables organizations to continuously look for cyber security threats and proactively mitigate them. It gives improved awareness of the IT assets in your BigFix environment.
CyberFOCUS Analytics dashboard
From the BigFix CyberFOCUS Analytics dashboard, you can view various reports that display critical information related to vulnerabilities. The data are represented in the form of graphs and tables, so that the user can quickly become aware of the IT assets and the threats in the environment and take informed decisions to mitigate vulnerabilities.
CISA KEV report
CISA Known Exploited Vulnerabilities (KEV) webreport utilises the data provided by the Cybersecurity & Infrastructure Security Agency (CISA) KEV Catalog and the associated CISA due dates, analyses and compares them with the patch levels of the devices in your BigFix environment, and visualizes the vulnerability intelligence as a bubble chart to assess and prioritize the vulnerabilities.

CyberFOCUS Analytics
BigFix CyberFOCUS Analytics enables organizations to continuously look for cyber security threats and proactively mitigate them. It gives improved awareness of the IT assets in your BigFix environment.
- CyberFOCUS Analytics dashboard
  From the BigFix CyberFOCUS Analytics dashboard, you can view various reports that display critical information related to vulnerabilities. The data are represented in the form of graphs and tables, so that the user can quickly become aware of the IT assets and the threats in the environment and take informed decisions to mitigate vulnerabilities.
  - MITRE APTs report
    MITRE Advanced Persistent Threat Groups (MITRE APTs) web report obtains data published through the MITRE ATT&CK^® Framework, analyses and compares it with the patch levels of the devices in your BigFix environment, and visualizes the analysis as a bar chart to help you take informed decision to mitigate the security threat.
  - CISA KEV report
    CISA Known Exploited Vulnerabilities (KEV) webreport utilises the data provided by the Cybersecurity & Infrastructure Security Agency (CISA) KEV Catalog and the associated CISA due dates, analyses and compares them with the patch levels of the devices in your BigFix environment, and visualizes the vulnerability intelligence as a bubble chart to assess and prioritize the vulnerabilities.
  - PLA report
    PLA chart allows you to identify and prioritize all important patches (Fixlets) that are required to protect the device from possible vulnerability BigFix environment.
  - Initiative report
    The Initiative Report provides an overview of CVEs (Common Vulnerabilities and Exposures) categorized by different computer groups found in the user's environment. Its purpose is to display the number of vulnerabilities across machines, giving insights into the distribution of vulnerabilities.

CISA KEV report

CISA Known Exploited Vulnerabilities (KEV) webreport utilises the data provided by the Cybersecurity & Infrastructure Security Agency (CISA) KEV Catalog and the associated CISA due dates, analyses and compares them with the patch levels of the devices in your BigFix environment, and visualizes the vulnerability intelligence as a bubble chart to assess and prioritize the vulnerabilities.

Note: The CISA Kev report requires access to the CISA-KEV site and the site must be enabled.

To reduce the significant risk of KEV, CISA's Binding Operational Directive 22-01 (BOD 22-01) mandates federal agencies to remediate vulnerabilities within a specific time frame. CISA maintains CISA KEV (Known Exploitable Vulnerabilities) Catalog as the intelligence source that can be used to get insights on prioritizing and remediating vulnerabilities.

To view the CISA KEV report, from BigFix CyberFOCUS Analytics web report, click the CISA KEV tab.

The bubbles on the chart indicate CVE’s and the size of the bubble indicates the total number of exposures to that CVE.
Color of the bubble indicates CVSS3-Severity. Darker the color, higher the severity.
X axis denotes the timeline selected as per the View By drop-down.
Y axis denotes the number of unique machines.

View By

You can sort the CVE's based on the following options:

CISA Due date: Due date determined by CISA for a CVE.
CISA Date Added Date: The date when the CVE is added to the CISA KEV Catalog.
CVE Release Date: The date when the CVE is released.
CISA Due date (for only pass due): This is same as CISA Due date, but excludes the CVEs that are due in the future.

CVE metadata

When you mouse over a bubble, the report dynamically displays the metadata of the CVE (as provided by CISA and National Vulnerability Database) at the bottom of the chart.

Click on the NIST Details link to take you to the official website of the National Vulnerability Database where you can find up-to-date information about the relevant CVE.

Fixlet information

For a CVE, you can view the complete details of the relevant Fixlets including the Fixlet name, ID, applicable machines. To do that, from the pane where CVE metadata is displayed, click on the number next to # of Fixlets applicable.

Click expand

or collapse

to view or hide the details.

See also