The same feel and functionality that exists within the Attack Surface module exists within the Internal Network module. All assets and risks across these assets can be viewed, managed, and tracked over time. The Internal Network will provide tabs, such as a dashboard summary of the internal assets and vulnerabilities, a complete list of all vulnerabilities, a comprehensive view of all internal assets, and will track remediation over time.

Dashboard

The Internal Network dashboard will surface information regarding the number of internal assets, the total number of vulnerabilities that currently exist on those assets. The dashboard will also display all of the vulnerabilities that were fixed in the last thirty (30) days, as well as the critical issues identified in the last ten (10) days. Users can drill into any asset or vulnerability to view the specific details for that item.

Vulnerabilities

The vulnerabilities tab within the Internal Network module will present a trend line of vulnerabilities that exist on internal assets over time, as well as breakdown the categories of any vulnerabilities identified, and list all vulnerabilities in the internal issues table.
Users can now export all of the vulnerabilities across their internal network in the form of CSV files. To do this, click the Export button in the top right of the screen and proceed to click Download to receive the results.
To view the details for an individual vulnerability, you can click into the vulnerability name in the external issues table, and the details for the specific issue you drilled into will be surfaced.
This page will outline all of the details of the specific issue that was identified on the internal asset. The information you will see for each vulnerability is the following:
  • Name
  • Description
  • Solution
  • References
  • Category
  • CVSS Base Score
  • CVEs
  • EPSS
  • EPSS Percentile
  • CISA Known Exploited
  • Ransomware Campaign Used
All assets that are affected with the vulnerability that is being viewed will show up within the Affected Internal Entities table.

Configurations

The Configurations tab provides a list of Center for Internet Security (CIS) benchmarks that are applicable for the agents that have been deployed within the internal network. The Configurations tab will display the respective operating system (OS) benchmarks for the assets, and users can drill into each benchmark to see the configuration policies that each host is checked against.
Users can drill into each Policy Name to view each of the respective policy checks that each host has been audited against.
Each individual policy will outline the policy name, description, rationale, remediation, and any references for the policy.

Assets

The Assets tab gives a list view of all of the assets (Hostname, IP, Group, and Criticality) across an organization’s internal network.

Remediation

Remediation tracking within both the Attack Surface and Internal Network module is automated and the details for each remediated vulnerability are displayed in a table, and the aggregate values are tracked over time. A vulnerability is considered remediated (or fixed) when an asset that exists within the Shield platform and initially has had a vulnerability identified, and that asset is scanned again and the vulnerability no longer exists.