Getting Started with Hierarchical Risk Meters

For more information on how to enable this new feature, contact your Customer Experience (CX) Team.

The new Hierarchical Risk Meter functionality enables authorized users to create risk groups which descend, or inherit their filters and search criteria, from the parent group. The assets and vulnerabilities included in any descendent group are determined by that group’s immediate filter criteria, as well as all of the filter criteria for any ancestors above it in the hierarchy.

Due to more restrictive criteria being added the further down the hierarchy you go, a child group will always show fewer (or at most, the same) assets and vulnerabilities than its parent group.

Prerequisite:

You must be an administrator.

Important to Note:

  • All descendant risk meters inherit user role permissions from their parent.

    • For example, if you have access to a parent risk meter, you will have access to all its descendants.

  • Editing a parent impacts all descendant risk meters.

  • Deleting a parent removes all descendant risk meters.

  • Each descendant risk meter (parent, child, grandchild etc) has its own independent Reporting and Top Fixes views.

  • Each descendant risk meter has its own score.

  • You can create up to 10 nested levels of descendant groups from the root parent risk meter.

  • There is no limit to how many children a risk meter can have . Only hierarchy depth is limited, not breadth.

Viewing Risk Meters from the Dashboard

From the Dashboard Card View, you can view all your risk meters including new icons that indicate the presence of child meters.

My_Risk_Meters.png

Clicking a Child icon opens a new window displaying the children of the parent risk meter. Continue clicking Child icons to drill down.

Child.png

You can also view descendant risk meters in the newly introduced List View on the dashboard by clicking the List View icon. The risk meters appear with the ability to expand and collapse risk meter groups.

 Search_List_View.png

In the List View, you can access the Assets and Vulnerabilities links, which open in the Explore window.

MRM_Dashboard.png

Tip: You can follow the breadcrumbs in the List View or Card View to navigate back through the risk meter levels or simply return to the Dashboard.

Grandchild.png

Searching for Groups in Explore

Click All Groups or a specific group and then the down caret to activate the search bar.

VM_Search.png

Note: By default, you will see your first 500 groups alphabetically. As soon as you enter the search criteria, the best matched groups will start to display.

To see children in the context of their parent in Explore, click the child icons. You can click again to hide them.

Nested_Score.png

You are still be able to view groups in the right-hand panel in Explore for now, but this is the navigation of the future! This new control will eventually replace the Groups section in the right-hand search panel.

Creating a New Child Group

Navigate to the Explore page, hover over the risk meter name in the top left to access the green + sign to add a child group.

VM_Explore.png

A banner appears informing that you are about to create a child group (risk meter).

VM_Banner.png

In this Child Risk Meter view, add any additional filters and then click Create Child.

In the pop-up window, enter a name for the child group and give permission to the appropriate user roles.

Create_Child_Group.png

Important: Parent-level user role permissions are displayed and cannot be removed.

Non-admin_role.png

Click Create Child to create the child group.

A banner appears informing you the child group has been created.

Adding Risk Meter Permissions

You can also add permissions from the Settings page. From the Explore tab, click Settings to open the User Roles Edit window.

User_role_cropped.png

Enter a Name for the new User Role.

Select the risk meter to which you wish to add the new permission.

Select the applications to which you wish to grant access.

Choose your Access Type or create your own custom access settings.

Click Save to apply the new settings.

Editing a Risk Meter in the Dashboard

Note: Before editing a risk meter, review all risk meters that may be impacted.

From the Dashboard, click the Pencil icon on the particular risk meter you wish to edit.

Note: You will not see the pencil or Trash Can icon if you are not an administrator or do not have the appropriate permissions to edit or delete a risk meter.

You are able to edit the Name and/or the User Role permissions instantly.

Edit_risk_meter_cropped.png

Tip: You can edit Assets in Explore by clicking the Edit Assets in Explore link.

Click Save to apply your changes.

Editing a Risk Meter in Explore

From Explore, click the Pencil icon on the particular risk meter you wish to edit.

Note: You will not see the pencil or Trash Can icon if you are not an administrator or do not have the appropriate permissions to edit or delete a risk meter.

You are able to edit the Name/Permission or Filters.

Name-Permission_Filter.png

Tip: Filters are only editable from the Explore page.

Once you select Filters, a banner appears informing you are editing an existing group and this change will cause reporting and metrics to change moving forward.

Important: This action cannot be undone.

Edit_asset_group.png

You have the option to Update Group once you have changed filters .

Update_group.png

Deleting a Risk Meter

Important: Before deleting a risk meter, ensure that you are selecting the appropriate one and review all descendants as they will be deleted too.

From the Dashboard, click the Trash Can icon on the particular risk meter you wish to delete.

Note: You can also delete a risk meter in Explore.

Review the risk meter that you are deleting.

Delete_risk_meter.png

Click Delete to remove the risk meter and any related descendant risk meters.

 

 

 

 

 

Powered by Zendesk