Vulnerability Overview Dashboard

The Vulnerability Overview dashboard provides a high-level summary of the most critical and exploitable vulnerabilities across your infrastructure. It is designed to help security teams reduce noise, identify the most actionable issues, and prioritize remediation based on real risk signals.

Technical Preview: This feature is currently in rapid development and may change frequently.

This dashboard enables rapid identification of:

  • The most critical vulnerabilities.
  • The worst and most pervasive vulnerabilities.
  • The newest vulnerabilities with the biggest impact.

It provides quick insights into your worst problems so you can streamline their remediation and improve your security posture quickly and effectively.

The Vulnerability Overview Dashboard currently shows Findings only from Runtime Resources. The current Runtime Resources supported are as follows:

  • Kubernetes Workloads
  • Container Workloads
  • Hosts

Interactive Behavior and Filtering

  • Clicking any bar on the All Critical and High Vulnerabilities graph or any vulnerability in the summary tables will navigate to the Vulnerability Findings page with filters automatically applied to match the selection. For example, Has Fix, In Use, or specific CVEs.
  • The Zone Selector in the upper-left lets you filter the entire dashboard by one or more Sysdig Zones, a logical grouping of resources such as accounts, clusters, or applications.
  • When navigating to the Findings view from this dashboard, vulnerabilities that have already been risk accepted are automatically excluded by default to help you focus on unresolved threats.

Scope Reduction with All Critical and High Vulnerabilities Graph

The top section visualizes the progressive reduction of vulnerabilities based on runtime and threat context:

  • Severity: Begins with all Critical and High vulnerabilities detected across your environment.
  • In Use: Filters down to packages currently loaded in runtime: a key signal for identifying what’s truly relevant and running.
  • Has Fix: Focuses further on in-use vulnerabilities with a validated or vendor-provided fix.
  • Has Exploit: Highlights the subset of vulnerabilities that are actively being exploited in the wild.

This flow is designed to help you reduce your scope, from a broad attack surface to only those vulnerabilities that are real, fixable, and dangerous.

Critical and Exploitable Vulnerabilities

This table surfaces the most impactful CVEs based on volume and context:

  • CVE ID: Clickable ID linking to Finding360 with full detail.
  • Findings: Number of individual vulnerability findings of the CVE detected in your environment.
  • EPSS: The Exploit Prediction Scoring System score estimating the likelihood of exploitation within the next 30 days.
  • Context Indicators: Shows if the vulnerability:
    • Has a fix available
    • Is active in runtime
    • Is known to be exploitable
    • Has been risk accepted

This view enables rapid identification of both widespread and high-risk vulnerabilities.

Most Recently Discovered CVEs

This table highlights newly detected vulnerabilities that meet the criteria of being both critical and exploitable.

  • First Seen: Timestamp when the CVE was first observed in your environment.
  • CVE ID: Opens a detailed view with impact and remediation guidance.
  • Findings: Total number of occurrences across your infrastructure.
  • EPSS: Likelihood of exploitation based on global threat intel.
  • Context: Same contextual risk indicators as in the critical/exploitable view.

This section helps teams respond quickly to newly critical problems by surfacing new vulnerabilities as they are detected.

For deeper insight into individual vulnerabilities and filtering options, see Vulnerability Findings