Skip to content

VIDEO

Comparing Reports in Analytics

Series: PlexTrac ProTips

Category: Analytics, Product Features, Reports

   BACK TO VIDEOS

Transcript

Hey there. I’m Nick Popovic, PlexTrac, Hacker in residence. Welcome to the PlexTrac Pro Tips, a video series of quick tips and tricks for maximizing how you use PlexTrac. Brought to you by me and my fellow PlexTrac super users to share cool features and uses that we, we hope will make your work even more effective and efficient. Have a unique Plex Trek use case or tip of your own. Share in the comments. Now, let’s get to our pro tip.

Hi there. This is Leo Dassa, Enterprise account executive and your friendly neighborhood cyberman. So today what we’re going to do is discuss how in the analytics portion of Plex Track, you can actually compare two different reports and the reason why that’s important for both your SLA and tracking your remediation efforts. First thing we’re going to do is come down here to the analytics portion and we’re going to clear all the filters. And what you’ll see here is that we have 3200 findings in total. When we clear all the filters, you can see everything that’s open and process close. You can see everything that’s critical all the way down to informational.

And then when you scroll down, you can actually see the breakdown by client, what lives within the bottom of Ravens, what lives within the Boston Red Sox, and of course, what lives within the demo. Now, when we come down here to the Reports filter, we can go ahead and say, let’s go ahead and compare a NESA scan file from September versus a Nessa scan file from May, both of these being from 2021. So we want there to be less findings in the May report, of course. So when we come up here to the top, we’ll see that those 3200 findings actually now turn into 275. Reason being is because these are only findings that live within both of these Nests scan file reports. We’ll see what’s open, closing and process everything’s open. And then we’ll also see that it only lives from a client standpoint within the Baltimore Ravens client.

Then when we go down, we can actually see a little bit more granular here that for example, Microsoft Windows XP unsupported installation detection is in the May report, where the Drop Air SSH server is in the September report. Now, we also have the ability to say, hey, this was over a year ago, what’s going on here? And this is actually critical. Let me go ahead here and if I will create a ticketing through either Jira or ServiceNow or even just add a manual update if I don’t have one of those integration. So what I can do here is I can just say, comment, get somebody’s attention, click Save, and it will show that date and time. So somebody who I assign this to, in this case Leo Dassa, will now know exactly what I need them to do within that finding to go ahead and track and remediate that. Now, when we go down here a little bit further, we’ll actually see just how many findings are within each scan file report. So within September, we can see this is how many findings are here, where with May, we can see this is how many findings are here.

And we can do the same thing with that with any type of report. Maybe we want to compare just a Nessus report versus a Qualifier report because we have different VM teams. We can do that. We can do a CIS report versus another CIS report and just compare and contrast, make sure everything’s checking out there. What do we need to do? We see that everything’s informational, so nothing too much to worry about. But that is going to be the value of being able to compare the different reports, why that’s important and why that’s going to allow you to stay on top of both your SLAs and your remediation efforts. And now is the part where I get to say thank you very much for taking the time.

Once again, Leo Dassa, enterprise account executive and more importantly, your friendly neighborhood cyberman.