# Executive Dashboard

This dashboard, <mark style="color:green;">accessible to MSS or company type users</mark>, offers detailed <mark style="color:green;">indicators on system health and alert processing</mark>, with the ability to filter by date ranges. It provides a comprehensive overview of the main aspects of security and operational efficiency.

<figure><img src="/files/fwraZNwl8qVWJhUwCLZC" alt=""><figcaption><p>Overview Executive Dashboard</p></figcaption></figure>

***

#### **Overall Health**

Indicates, in a scaled format, the overall average of Info Security, Risk Exposure, Maturity, and Mitre indicators.

<figure><img src="/files/HwtTT5kpwlrTcsezvj6z" alt="" width="375"><figcaption><p><strong>Info Security</strong></p></figcaption></figure>

***

#### **Info Security**

Average of coverage indicators for relations, event types, and private playbooks.

<figure><img src="/files/1ldc7qvuoenST3j892oN" alt="" width="197"><figcaption><p>Info Security</p></figcaption></figure>

***

#### **Risk Exposure**

Measures how well the time to first treatment complies with the standards set in the setup. The closer to 0%, the better the indicator.

<figure><img src="/files/shdb7da4M4DYcY0QAZ6R" alt="" width="197"><figcaption><p>Risk Exposure</p></figcaption></figure>

***

#### **Maturity**

Average of indicators in the Security Operation graph, rated on a scale of up to 5 points.

<figure><img src="/files/HJlv4k4NlDN1QWIJFRPw" alt="" width="197"><figcaption><p>Maturity</p></figcaption></figure>

***

#### **Mitre**

Calculates the coverage of correlation rules for techniques and sub-techniques listed in Mitre.

<figure><img src="/files/vhogLWii4vfoy0mDkICr" alt="" width="197"><figcaption><p>Mitre</p></figcaption></figure>

***

#### **Attack Vector**

Visual representation of the treatment of events by data source, their attack vectors, and related results in the confusion matrix.

<figure><img src="/files/BrSo6ARiOyHeGG3faWdt" alt=""><figcaption><p>Attack Vector</p></figcaption></figure>

***

#### Events x Incidents

Visual representation of confirmed incidents, arising from events received by the monitoring system, demonstrating effectiveness in reducing manual labor.

<figure><img src="/files/0ckQYwZHIalSMdxYw952" alt="" width="563"><figcaption><p>Events x Incidents</p></figcaption></figure>

***

#### Quality KPIs

* Average Time To Detect An Incident (MTTD): The average time to identify an incident from the generation of the alert.
* Average Time To Respond To An Incident (MTTR): A performance indicator of the security team measuring the time from the opening of the incident to the start of treatment.
* Average Time To Contain An Incident (MTTC): The time it takes the team from identification to the start of the threat blocking phase.
* Average Time To Repair (MTTR): The time required to fix the problems and eradicate the threat, returning the environment to a safe state.

<figure><img src="/files/aek9TnvaNnhnejlo9bLZ" alt="" width="563"><figcaption><p>Quality KPIs</p></figcaption></figure>

***

#### Incidents By Status

Number of incidents distributed by each type of status.

<figure><img src="/files/eMf5x3snUwJueDaK9Maa" alt="" width="563"><figcaption><p>Incidents By Status</p></figcaption></figure>

***

#### Confusion Matrix

The number of alerts in each status of the confusion matrix.

<figure><img src="/files/UuON4K3nDysxa939WXz8" alt="" width="563"><figcaption><p>Confusion Matrix</p></figcaption></figure>

***

#### Security Operation

Visual representation, with a color rule, indicating the compliance level of various indicators, with descriptions available when hovering over their titles.

<figure><img src="/files/6cKx6eC0gaD1KgZsT3Jf" alt=""><figcaption><p>Security Operation</p></figcaption></figure>

* **Continuous Monitoring**
  * **Monitoring Systems**
    * **Relations:** Coverage of treatment of relations in the correlation rules.
  * **Data Sources**
    * **Correlation Rules:** Coverage measuring whether each event type is linked to at least one correlation rule.
  * **Mitre Framework**
    * **Tactics:** Coverage measuring whether each technique has at least one correlation rule.
    * **Techniques:** Coverage measuring whether at least one correlation rule is linked to the technique.
* **Incident Response**
  * **Playbooks**
    * **Initial Playbooks:** Coverage measuring whether each correlation rule has at least one initial playbook.
    * **Advanced Playbooks:** Coverage measuring whether each active customer has at least one advanced-type playbook.
  * **Continuous Operation**
    * **SLA:** Contracted SLA coverage percentage.
    * **Quality of Service:** Maximum average rating coverage.
    * **Response Time:** Optimal response time coverage.
* **Customer Management**
  * **Continuous Operation**
    * **Requests:** Coverage of request processing, considering open/closed.
    * **SLA:** Contracted SLA coverage percentage.
    * **Response Time:** Optimal response time coverage.
* **Automatic Response**
  * **Automatic Treatment Engine**
    * **First Response:** Mean time to treat an alert.
    * **Workload Reduction:** Workload reduction, as a percentage.

{% hint style="warning" %}
**Color Standards for Performance Indicators:**

* **Green (Excellent Performance):** Indicates a performance that is equal to or greater than 90%. This green color standard is used to represent high efficiency or compliance, signifying that the indicator is operating at an optimal level.
* **Orange (Moderate Performance):** Represents a performance between 60% and 89.99%. The orange color is used for indicators that are performing moderately, suggesting there is room for improvement, but the performance is still acceptable.
* **Red (Insufficient Performance):** Used for performances below 60%. The red color alerts to an unsatisfactory performance, indicating that the indicator is below an acceptable level and needs immediate attention for improvement.
* **Gray (Inactive):** Applied to indicators that are currently inactive. The gray color signals that the indicator is not in use or does not have sufficient data for performance evaluation at the moment.
  {% endhint %}
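
To cross-check a coverage indicator against your own rule inventory, the following added example (not the product's code or data model) recomputes three of the coverage checks listed above and maps them to the color bands. The inventory, its field names, and the handling of values between 89.99% and 90% are assumptions.

```python
# Added example; the inventory below is constructed and its field names are hypothetical.
EVENT_TYPES = ["auth_failure", "vpn_login", "process_create", "file_write", "dns_query"]
TECHNIQUES = ["T1110", "T1059", "T1071", "T1566"]
RULES = {
    "brute_force": {"event_types": {"auth_failure", "vpn_login"},
                    "techniques": {"T1110"}, "initial_playbooks": ["lock_account"]},
    "suspicious_shell": {"event_types": {"process_create", "file_write"},
                         "techniques": {"T1059"}, "initial_playbooks": []},
    "dns_beacon": {"event_types": {"dns_query"},
                   "techniques": {"T1071"}, "initial_playbooks": []},
}

def coverage(items, is_covered):
    """Percentage of items that satisfy is_covered, or None when there is nothing to measure."""
    items = list(items)
    if not items:
        return None
    return round(100.0 * sum(1 for i in items if is_covered(i)) / len(items), 2)

def color(pct):
    """Map a percentage to the color bands listed in the hint above."""
    if pct is None:
        return "gray"    # inactive or no data
    if pct >= 90:
        return "green"
    if pct >= 60:        # assumption: 89.99 < pct < 90 is still orange
        return "orange"
    return "red"

def indicators(event_types, techniques, rules):
    """Return {indicator: (percentage, color)} for three coverage checks."""
    linked_events = set().union(*(r["event_types"] for r in rules.values()))
    linked_techniques = set().union(*(r["techniques"] for r in rules.values()))
    pcts = {
        "correlation_rules": coverage(event_types, lambda e: e in linked_events),
        "techniques": coverage(techniques, lambda t: t in linked_techniques),
        "initial_playbooks": coverage(rules.values(), lambda r: bool(r["initial_playbooks"])),
    }
    return {name: (pct, color(pct)) for name, pct in pcts.items()}

def gaps(techniques, rules):
    """Techniques with no correlation rule: the items that pull the indicator down."""
    linked = set().union(*(r["techniques"] for r in rules.values()))
    return sorted(t for t in techniques if t not in linked)

if __name__ == "__main__":
    for name, (pct, band) in indicators(EVENT_TYPES, TECHNIQUES, RULES).items():
        print(f"{name}: {pct}% -> {band}")
    print("uncovered techniques:", gaps(TECHNIQUES, RULES))
```

Listing the uncovered items alongside the percentage shows which rule or playbook to add to move an indicator out of the red or orange band.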

***

