Dashboard
Reading your dashboard
Your main dashboard is a live summary of exposure and risk across your environment. This page explains every part of it — the headline numbers, the charts, and the controls that let you slice the data and dig into the detail behind it.
What it's for
- Read your posture in seconds from the row of key numbers at the top.
- Focus the view with filters for time range, patch availability, ownership layer, and system type.
- Investigate by clicking any chart to open the exact list of findings behind it.
The screens in it
When you open the dashboard you see three bands, top to bottom:
- The controls bar — filters on the left, actions on the right.
- The headline band — your key numbers and the organization risk score.
- The detail band — charts and tables that break the numbers down.
The controls bar
The controls bar runs across the top. The left side narrows what the dashboard counts; the right side lets you act on the current view.
Filters (left side)
| Control | What it does |
|---|---|
| Time range | Sets the window the trends and time-based numbers cover — 7 days, 30 days, 90 days, 6 months, 1 year, or All. |
| Patch availability | Limits findings to All, Patchable (a fix is available), or Unpatchable (no fix yet). |
| Ownership layer | Splits findings by where they live — All Layers, OS, Application, or Needs Review for items not yet classified. |
Filters combine: for example, 30 days + Patchable + Windows Server shows only patchable findings on Windows servers over the last month.
Which of these filter rows actually appear is decided per dashboard, not once for your whole workspace. Each dashboard (including the built-in one) can show a different subset of them, and a custom dashboard's creator chooses which rows its viewers get — see Building custom dashboards. If a dashboard doesn't show a filter row here, that row simply isn't part of its configuration; it isn't a workspace-wide switch.
System-type tabs
Below the controls bar is a row of system-type tabs — for example All Systems, Windows Server, Windows Workstation, Linux, Network, and Other. Each tab shows a count and switches the whole dashboard to that group of systems. If a combination of tab and filters has no matching findings, the dashboard tells you so plainly instead of showing empty charts. Which tabs appear is also decided per dashboard, the same way the filter rows are.
Actions (right side)
| Control | What it does |
|---|---|
| Refresh | Re-fetches every widget's data for the current filters. |
| Export | Downloads the current dashboard view as a PDF or PNG. |
| Edit Layout | Lets you drag and resize the built-in dashboard's existing widgets. This is your personal arrangement — it doesn't change what other people see — and it doesn't create a separate dashboard. Adding, removing, or reconfiguring widgets isn't available here; use Clone Copy for that. |
| Clone Copy | Makes a true, independent duplicate of the built-in dashboard that you own outright — full editing rights, including adding/removing widgets. See Building custom dashboards. |
The built-in dashboard is shared, so Edit Layout only rearranges and resizes its existing widgets for you personally — it's saved on the same dashboard, not as a copy, and a Reset Layout button (shown while editing) puts it back the way it shipped. If you need to add or remove widgets, change filters, or swap data sources, use Clone Copy to make your own independent dashboard first.
The headline band
Key numbers
The built-in dashboard's headline numbers appear in two rows. The top row, next to the risk score, is:
- Overall Risk Score — see below.
- Remediated — how much you've closed out over the last 30 days.
- Critical + High — the findings that most need attention, with their change versus the previous period.
- MTTR (Mean Time to Remediate) — how long, on average, it takes to fix a finding.
A second row further down the page adds:
- Total Active — the overall vulnerability count for the current filters.
- New Vulns (7d) — findings first seen in the last 7 days.
- Total Assets — the size of the asset population behind the numbers above.
Most of these respond to the filters and system-type tab you've selected and can be clicked to open the matching findings — except Remediated, MTTR, and the Overall Risk Score, which are aggregate calculations with no single list of "rows" behind them, so clicking them does nothing.
Organization risk score
The Overall Risk Score is a single gauge that rolls your exposure into one figure. Like Remediated and MTTR, it's a calculated aggregate, not a click-through metric. While a score is still being calculated, a placeholder appears in its place.
The detail band
Below the headline band, the built-in dashboard breaks the numbers down with a platform summary strip, trend charts, and a detailed table. You'll typically see:
- Platform Summary — a compact strip of fleet-level stats (assets, agent coverage, sync/scan recency) for the systems currently in view.
- Vulnerability Trend and Severity Trend — how totals and the severity mix have moved over the selected time window.
- Detailed Vulnerability Data — a sortable table of the underlying findings.
- Total Active / New Vulns (7d) / Total Assets — the second KPI row described above.
- Severity Distribution — a donut breaking open findings down by severity.
- Per-Source Contribution — when more than one scanner feeds your data, a donut showing how many findings each source contributes. It reports counts per source only — it does not compute overlap, shared-finding, or unique-finding metrics between scanners.
- Vulnerability State Summary — a breakdown by finding state (for example active vs. fixed).
Drilling into the detail
Any chart segment is a doorway to the findings behind it. Click a bar, slice, or point and ThreatWeaver opens the full vulnerabilities (or assets) list, already filtered to match what you clicked and the dashboard's current filters — so you go straight from "there's a spike here" to the exact items causing it. This works for the charts and tables in the detail band and for the drillable KPIs above; it does not apply to Remediated, MTTR, or the Overall Risk Score.
Common workflows
Workflow: from a headline number to the findings behind it
-
Set the time range to the window you care about — for example 30 days.
Step 1 — choosing the 30-day time range -
Choose a system-type tab (for example Windows Server) to focus on one part of your environment. The headline numbers and charts update.
Step 2 — the dashboard focused on Windows Server -
In the severity breakdown, click the Critical segment. ThreatWeaver opens the vulnerabilities list filtered to critical findings on Windows servers over the last 30 days — ready to investigate or act on.
Step 3 — the filtered vulnerabilities list opened from the chart
Workflow: share a snapshot of the current view
- Set the filters and tab so the dashboard shows exactly what you want to share.
- Click Export and choose PDF or PNG.
- The file downloads to your device, capturing the view as it appears on screen.