Risk Exposure Score — A score between 0.1 and 10 that represents the entire environment of risk in your network, with 0.1 representing the lowest risk level. The score includes internal and host risks. Risks with a high vulnerability score affect this score more than risks with a low vulnerability score.

For more information, see View your risk score.

New Risks — The number of new risks detected in your network within the specified timeframe. To change the timeframe, click , and then select Last 7 days, Last 30 days, Last 90 days, or Last 120 days. Click the number to view all risks that match the data filter on the Risks page.

Unresolved Risks — The current number of active medium to critical severity risks in your network. Click the number to view the risks.

For more information, see Risk statuses.

Resolved Risks — The number of risks in your network that were resolved within the specified timeframe. To change the timeframe, click , and then select Last 7 days, Last 30 days, Last 90 days, or Last 120 days. Click the number to view all risks that match the data filter on the Risks page.

For more information, see Risk statuses.

Total Critical Vulnerabilities — The number of critical vulnerabilities that currently exist in your environment. For example, if a scan discovered the same vulnerability on 20 different assets, this would be 20 risks, but only one vulnerability. You should remediate these unresolved risks immediately. Click the number to view the vulnerabilities.

Assets with Critical Risks — The number of assets that currently have a critical risk. You should remediate these risks immediately because they are likely targets for malicious activity. Currently, you cannot click the number to view the risks.

Top Vulnerabilities — The top five vulnerabilities in your environment. It only includes risks that have a Status of Unresolved and a ​State​ that is not ​Accepted​ or ​False Positive​​. The vulnerabilities are sorted by highest risk score and then by the number of risk instances. Click View All to view all vulnerabilities on the Risks page. The widget includes these columns:

• Title — The risk name. Click a title to view more detail about the vulnerability in the Risks table.

• Risk Score — The risk rating. Options include any number between 0.1 and 10, with 0.1 representing the lowest risk level.

• Risks — The number of instances of the risk in your environment. Click the number to view more details about each risk instance on the Risks page. The risks are filtered by vulnerability.

• CVE — Links to any known Common Vulnerabilities and Exposures (CVE) that the risk is part of. If multiple CVE links are provided, the primary CVE is first.

Top Known Exploitable Vulnerabilities — The vulnerabilities with known exploits. It only includes risks that have a Status of Unresolved and a State that is not Accepted or False Positive. The vulnerabilities are sorted by highest risk score and then by the number of risk instances. Click View All to view all vulnerabilities on the Risks page that have a CISA KEV value of Yes. For the CISA catalog of exploited vulnerabilities, see https://www.cisa.gov/known-exploited-vulnerabilities-catalog.

The widget includes these columns:

• Title — The risk name. Click a title to view more detail about the vulnerability in the Risks table.

• Risk Score — The risk rating. Options include any number between 0.1 and 10, with 0.1 representing the lowest risk level.

• Risks — The number of instances of the risk in your environment. Click the number to view more details about each risk instance on the Risks page. The risks are filtered by vulnerability.

• CVE — Links to any known Common Vulnerabilities and Exposures (CVE) that the risk is part of. If multiple CVE links are provided, the primary CVE is first.

• Published — The date when the vulnerability was first identified.

Latest Security Bulletins — The five most recent Arctic Wolf Research team Security Bulletins about Common Vulnerabilities and Exposures (CVEs) that are present in your environment. An indicator displays when a bulletin is less than seven days old. The bulletins are sorted by release date with the most recent at the top. It also lists the CVEs and risk counts that are associated with the bulletins. Use this information to understand which assets are impacted and prioritize remediation efforts. Click View All to view all Security Bulletins on the Threat Intelligence page. For more information about bulletin details, see View threat intelligence.The widget includes these columns:

• Threat Level — The severity of the bulletin. Options include: Low, Medium, High, and Critical.

• Title — The bulletin name and the date that the bulletin was published. Click a title to view details about the bulletin.

• Risks — The number of Unresolved risks in your environment associated with the CVEs in the bulletin. Click the number to view more details about each risk instance on the Risks page. The risks are filtered by the CVEs associated with the bulletin. If needed, share this filtered view link with your remediation support team or export the list of risks to a CSV file.

• CVEs — Links to any known Common Vulnerabilities and Exposures (CVEs) that the risk is part of. If multiple CVE links are provided, the primary CVE is first.

Top Risks by Asset Category — The number of risks in each of the top eight categories, with the most critical risks listed first, followed by high, medium, and then low. If the count of risks in asset categories is the same, they are listed alphabetically. Click a color segment in a bar to view unresolved risks filtered by Asset Category, Risk Severity, and First Detected Time on the Risks page. To change the timeframe, click , and then select Last 7 days, Last 30 days, Last 90 days, or Last 120 days. Click View All to view all risks that match the data filter on the Risks page. The bars group risks by severity and you can click a bar section to view more detail about the risks on the Risks page:

• Low (grey) — Wait to remediate the risk until higher-priority tasks are complete. The assets are unlikely targets for malicious activity or have negligible negative impact if compromised.

• Medium (yellow) — Monitor for risk escalation. The assets have a moderate negative impact if compromised.

• High (orange) — Isolate and limit asset use until the risk is remediated. The assets have short-term compensating controls available or are interconnected with external systems.

• Critical (red) — Remediate the risk immediately. The assets are essential to your operation or are likely targets for malicious activity.

Risks by Source — The number of unresolved risks identified by Agent, IVA, and EVA within the specified time based on the date and time that a risk was first detected. It only includes risks that have a Status of Unresolved and a State that is not Accepted or False Positive. To change the timeframe, click , and then select Last 7 days, Last 30 days, Last 90 days, or Last 120 days. Click View All to view all risks that match the data filter on the Risks page. Click the number in the middle of the pie chart to view more detail about these risks on the Risks page. The pie charts group risks by severity and you can click any pie slice to view more detail about the risks on the Risks page:

• Low (grey) — Wait to remediate the risk until higher-priority tasks are complete. The assets are unlikely targets for malicious activity or have negligible negative impact if compromised.

• Medium (yellow) — Monitor for risk escalation. The assets have a moderate negative impact if compromised.

• High (orange) — Isolate and limit asset use until the risk is remediated. The assets have short-term compensating controls available or are interconnected with external systems.

• Critical (red) — Remediate the risk immediately. The assets are essential to your operation or are likely targets for malicious activity.