Metrics API Reference

Vulnerabilities

Active Vulnerabilities by Severity

Count of active vulnerability instances (excluding Informational) by severity.

vuln_count
vuln_count_{severity}

Example: vuln_count_critical

Active Vulnerabilities by Status

Count of active vulnerability instances by status.

active_count
exception_requested_count
fixed_count
in_progress_count
potential_count
waiting_for_third_party_count
waiting_for_verification_count

Average Age by Severity

Average age in days for active vulnerability instances by severity.

avg_age
avg_age_{severity}

Example: avg_age_critical

Discovered by Severity

Count of vulnerability instances discovered in the last # days by severity.

discovered_count_{# days}
discovered_count_{severity}_{# days}

Examples:

discovered_count_7d

discovered_count_critical_7d

Resolved by Severity

Count of vulnerability instances resolved in the last # days by severity.

resolved_count_{# days}
resolved_count_{severity}_{# days}

Examples:

resolved_count_7d

resolved_count_critical_7d

% Churn by Severity

Ratio of discovered vs. resolved vulnerability instances in the last # days by severity.

churn_pct_{# days}
churn_pct_{severity}_{# days}

Examples:

churn_pct_7d

churn_pct_critical_7d

SLAs & Remediation

Past Due (%)

Percent of active vulnerability instances past their due date.

past_due_pct
past_due_pct_{severity}

Example: past_due_pct_critical

Past Due

Number of active vulnerability instances with due dates in the past by severity.

past_due
past_due_count{severity}

Example: past_due_count_critical

% Active Within SLA by Severity

Percent of active vulnerability instances not past their due date by severity.

in_sla_pct
in_sla_pct_{severity}

Example:

in_sla_pct_critical

% Resolved Past SLA by Severity

Percent of vulnerability instances resolved past their due date for the last # days.

resolved_past_sla_pct_{# days}
resolved_past_sla_pct_{severity}_{# days}

Examples:

resolved_past_sla_pct_7d

resolved_past_sla_pct_critical_7d

Resolved Past SLA by Severity

Count of vulnerability instances resolved past their due date for the last # days.

resolved_past_sla_count_{# days}

resolved_past_sla_count_{severity}_{# days}

Examples:

resolved_past_sla_count_7d

resolved_past_sla_count_critical_7d

% Resolved Within SLA by Severity

Percent of vulnerability instances resolved on or before their due date for the last # days.

resolved_within_sla_pct_{# days}
resolved_within_sla_pct_{severity}_{# days}

Examples:

resolved_within_sla_pct_7d

resolved_within_sla_pct_critical_7d

Resolved Within SLA by Severity

Count of vulnerability instances resolved on or before their due date for the last # days.

resolved_within_sla_count_{# days}

resolved_within_sla_count_{severity}_{# days}

Examples:

resolved_within_sla_count_7d

resolved_within_sla_count_critical_7d

MTTR by Severity

Mean-time-to-resolve in days for vulnerability instances resolved in the last # days.

mttr_{# days}
mttr_{severity}_{# days}

Example:

mttr_7d

mttr_critical_7d

No SLA by Severity

Count of active vulnerability instances without a set due date.

no_sla_count
no_sla_count_{severity}

Example:

no_sla_count_critical

Resolved by Status

Count of vulnerability instances resolved with a given status in the last # days.

{status}_count_{# days}

Examples:
accepted_risk_count_7d
duplicate_count_7d
exception_granted_count_7d
false_positive_count_7d
manually_mitigated_count_7d
scan_mitigated_count_7d

Risk & Threat Intelligence

Nucleus Risk Score

Risk Score for a given Asset Group

risk_score

Mandiant Risk Rating

Count of active vulnerability instances by Mandiant Risk Rating.

mandiant_risk_count

mandiant_risk_count_{severity}

Examples:
mandiant_risk_count_critical

Mandiant Zero Day by Severity

Count of active Zero Day vulnerabilities (Mandiant) by severity.

mandiant_zero_day_count

mandiant_zero_day_count_{severity}

Examples:
mandiant_zero_day_count_critical

Mandiant Exploited in the Wild by Severity

Count of active vulnerability instances known to be exploited in the wild (Mandiant).

mandiant_exploit_in_the_wild_count

mandiant_exploit_in_the_wild_count_{severity}

Examples:
mandiant_exploit_in_the_wild_count_critical

Mandiant Widely Exploited by Severity

Count of active vulnerability instances known to be widely exploited (Mandiant).

mandiant_widely_exploited_count

mandiant_widely_exploited_count_{severity}

Examples:
mandiant_widely_exploited_count_critical

Mandiant Exploited by Malware by Severity

Count of active vulnerability instances with known malware exploits (Mandiant).

mandiant_exploited_by_malware_count

mandiant_exploited_by_malware_count_{severity}

Examples:
mandiant_exploited_by_malware_count_critical

Assets

Assets

Count of active assets.

asset_count

Compliance

Compliance Pass %

Percent of Compliance finding instances with a result of Passed or Warning.

compliance_pass_pct

Compliance Passes

Count of active vulnerability instances with a result of Passed or Warning.

compliance_pass_count

Ticketing

Open Tickets

Count of open tickets.

NOTE: this is not the count of instances that have tickets associated with them.

open_ticket_count

Tickets Created

Count of tickets created in the last # days.

tickets_created_count
tickets_created_count_{# days}

Example:

tickets_created_count_7d

Tickets Closed

Count of tickets closed in the last # days.

tickets_closed_count
tickets_closed_count_{# days}

Example:

tickets_closed_count_7d

% Vulnerabilities Without Tickets by Severity

Percent of active vulnerability instances without an associated ticket create by severity.

no_ticket_pct

no_ticket_pct_{severity}

Example: no_ticket_pct_critical

% Past Due Vulnerabilities Without Tickets by Severity

Percent of active vulnerability instances past due without tickets created.

past_due_no_ticket_pct

past_due_no_ticket_pct_{severity}

Example: past_due_no_ticket_pct_critical