Hierarchical Risk Meters let authorized users create risk groups which descend, or inherit their filters and search criteria, from the parent group. The assets and vulnerabilities included in any descendent group are determined by that group’s immediate filter criteria, and all of the filter criteria for any ancestors above it in the hierarchy.
A child group will always show fewer (or at most, the same) assets and vulnerabilities than its parent group because more restrictive criteria are added the further down the hierarchy you go.
Prerequisite:
You must be an Administrator role, Normal role or be assigned to a custom role with the Edit Asset Groups permission enabled to Create child meters using the UI.
Note: Only users with the Administrator role or Normal role can create Child Risk Meters using the API.
Important to Note:
-
All descendant risk meters inherit user role permissions from their parent. For example, if you have access to a parent risk meter, you will have access to all its descendants.
-
Editing a parent impacts all descendant risk meters.
-
Deleting a parent removes all descendant risk meters.
-
Each descendant risk meter (parent, child, grandchild) has its own independent Reporting and Top Fixes views.
-
Each descendant risk meter has its own score.
-
You can create up to 10 nested levels of descendant groups from the root parent risk meter.
-
There is no limit to how many children a risk meter can have .
View Risk Meters from the Dashboard
1. In Cisco Vulnerability Management, click Vulnerability Management > Dashboard.
2. In the Dashboard Card View, you can view all your risk meters. Risk meters that have child icons indicate the presence of child meters.
3. Click a child icon. A new window opens that shows the children of the parent risk meter. Continue clicking child icons to move deeper into the hierarchy.
4. You can also click the List View icon on the Dashboard to view descendant risk meters. The risk meters appear with the ability to expand and collapse risk groups.
5. In the List View, click the Assets and Vulnerabilities links, which opens in the Vulnerability Management Explore window.
Tip: You can follow the breadcrumb trail in the List View or Card View to navigate back through the risk meter levels or return to the Dashboard.
Search for Groups in Vulnerability Management Explore
1. On the Vulnerability Management Explore page, click All Groups, or a specific group name to activate the search bar.
Note: By default, the drop-down list contains the first 500 groups in your organization alphabetically. When you enter the search criteria, the best matched groups will start to display.
On the right-hand side of the search results page, to see children in the context of their parent on the Vulnerability Management Explore page, click the child icons. You can click again to hide them.
You are still be able to view groups in the right-hand panel in Explore for now, but this is the navigation of the future! This new control will eventually replace the Groups section in the right-hand search panel.
Create a New Child Group
1. Navigate to the Vulnerability Management Explore page.
2. Hover over the risk meter name and click the green + sign..
A banner appears informing that you are about to create a child group (risk meter).
3. In the Child Risk Meter view, add any additional filters and then click Create Child.
4. In the pop-up window, enter a name for the child group and give permission to the appropriate user roles.
Important: Parent-level user role permissions are displayed and cannot be removed.
5. Click Create Child.
A banner appears informing you the child group has been created.
Add Risk Meter Permissions
1. In Cisco Vulnerability Management, hover over the gear icon () in the upper right-hand corner of the page and click Roles.
On the Roles page, you can see the existing user roles, how many roles exist, and toggle between the users and roles tabs. To edit a role, click the pencil icon (). To delete a role, click the trashcan (
) icon.
2. Click Add Role.
3. .Enter a Name for the new User Role. Enter a Name and a Description for the role. If you want the role to have access to the Home Page and Application Security Module Reporting page (if you use the Application Security Module), select those options.
4. Click Continue.
5. Select the Risk Meters that the role should have access to.
6. If you are using Application Security Module, select the applications the role should have access to.
7. Select a permission level for the role. Note: When you select the Custom permissions option, toggle buttons display beside the options that you can choose for the role.
8. Select the users to assign to the role.
9. Click Finish.
Edit a Risk Meter in the Dashboard
Before editing a risk meter, review all risk meters that may be impacted.
1. On the Vulnerability Management > Dashboard page, in card view, hover over the name of the risk meter that you want to edit.
2. Click the down arrow.
3. Click Edit.
Note: You will not see the pencil or Trash Can icon if you are not an administrator or do not have the appropriate permissions to edit or delete a risk meter.
4. Make your edits. You can edit the name, and change the roles associated with the risk meter.
5. Click Save.
Tip: You can edit Assets in Explore by clicking the Edit Assets in Explore link.
Edit a Risk Meter in Vulnerability Management Explore
1. On the Vulnerability Management > Explore page, in card view, hover over the name of the risk meter that you want to edit. and click the Pencil icon ().
Note: You will not see the pencil or Trash Can icon if you are not an administrator or do not have the appropriate permissions to edit or delete a risk meter.
2. Make your edits. You can edit the name, and change the permissions and filters associated with the risk meter.
Once you select Filters, a banner appears informing you are editing an existing group and this change will cause reporting and metrics to change moving forward.
Note: This action cannot be undone.
3. You have the option to Update Group after you have changed filters .
Delete a Risk Meter
Important: Before you delete a risk meter, ensure that you are selecting the appropriate one and review all descendants because they will be deleted too.
1. From the Dashboard, click the Trash Can icon () on the risk meter you want to delete.
Note: You can also delete a risk meter in Vulnerability Management Explore.
2. Review the risk meter that you are deleting.
3. Click Delete to remove the risk meter and any related descendant risk meters.
Note: If you were a customer prior to February 2023 this was not enabled by default, contact your Customer Experience (CX) Team or Support Team to enable this feature.
Comments
Please sign in to leave a comment.