Section
Overview
Executive security posture and operational risk overview.
MITRE ATT&CK Compliance
68%
6 tactics below 70%
Critical Vulns
23
▲ 5 new this week
Device Compliance
87%
▼ 2% improvement
CA Policies Active
18
3 in report-only
Vulnerable Software Inventory
Risk Matrix
Exposure Trend (90 Days)
Risk exposure trend based on vulnerability pressure, exploit activity, and endpoint risk telemetry.
Current Exposure
0.0
Trend vs prior period
0.0
Standards Readiness Snapshot
Cross-framework compliance highlights with focus areas needing additional hardening.
Device Distribution
Total Devices
0
Across all device types
Vulnerability Risk Overview
At-a-glance risk posture for immediate situational awareness. Use the explorer below to drill down.
Urgent Findings
Highest urgency findings and software clusters driving current risk.
Threat Label Guide
Threat activeCVE is marked as actively exploited in current data.
Wormable-LikelyPropagation indicators plus delivery or high-impact signals suggest spread potential.
Ransomware-LikelyPost-compromise privilege abuse combined with spread or high-impact indicators.
Initial-Access-LikelyDelivery and execution indicators suggest likely initial-access paths.
These labels are prioritisation heuristics from CVE metadata and exploit context, not definitive threat intelligence.
Severity Distribution
Top Risk Software
Impacted Devices
Devices with the broadest vulnerability overlap in the current feed. Click one to filter the explorer.
Top Impacted Devices
Vulnerability Explorer
MITRE ATT&CK Coverage + Heatmap
Tactic Coverage
Indicative coverage estimate by ATT&CK tactic. Values represent a posture-weighted heuristic derived from active Conditional Access policies and Defender signal quality — not a formally measured detection coverage score.
Heatmap
Hotspot matrix for rapid detection of lower-coverage tactics.
Cyber Essentials Technical Controls
Estimated control readiness
0%
Evidence-weighted readiness across the five Cyber Essentials technical control themes.
Framework reference: Cyber Essentials Requirements for IT Infrastructure v3.3 (from 27 April 2026) · Last checked: 29 Apr 2026
Scoring basis: Estimated from managed endpoint telemetry. For guidance only; not a formal certification outcome.
CIS Controls (v8) Technical Coverage
Estimated coverage
0%
Technical telemetry mapped to selected CIS Safeguards; not a full CIS assessment.
Framework reference: CIS Controls v8.1 · Last checked: 29 Apr 2026
Scoring basis: Estimated from managed inventory + posture telemetry. For guidance only; not a formal audit or certification result.
NIST CSF 2.0 Technical Signal Snapshot
Estimated function coverage
0%
Function-level proxy signals from endpoint, identity, and exposure telemetry.
Framework reference: NIST CSF 2.0 · Last checked: 29 Apr 2026
Scoring basis: Estimated from control and exposure telemetry. For guidance only; not a formal audit or certification result.
ISO/IEC 27001 Technical Signal Snapshot
Estimated control alignment
0%
Evidence-weighted technical signals mapped to selected Annex A controls.
Framework reference: ISO/IEC 27001:2022 Annex A (selected technical controls) · Last checked: 29 Apr 2026
Scoring basis: Estimated from control and exposure telemetry. For guidance only; this is not a certification determination.
Interpretation: This card only scores telemetry-evidenced technical signals. ISMS governance, policy approval, HR, supplier, legal, risk treatment, and audit evidence remain out of scope.
NIS2 Technical Signal Snapshot
Estimated technical signal alignment
0%
Framework reference: NIS2 Directive (EU) 2022/2555 · Last checked: 29 Apr 2026
Scoring basis: Estimated alignment from mapped technical signals. For guidance only; this is not a legal determination of compliance.
Scope: Covers selected Article 21 technical signals only. Governance approval, supply-chain assurance, business continuity, cryptography, training, effectiveness assessment, legal duties, and notification obligations require separate evidence.
Device Inventory
MOCK
| Device Name | Type | OS | Health | Platform Ver. | Engine Ver. | Security Intel Ver. | Missing OS Patches | Vulns | CA Policies |
|---|
Conditional Access Policies
Compliance scale: 0% Low (Red) -> 100% High (Green)
Policy Gap Intelligence
Compensation
Priority policy gaps based on state, coverage, and missing controls that increase attack-path exposure.
Policy Overlap & Duplication
Detects exact duplicates, high overlap, and conflicting controls to reduce policy sprawl and simplify CA design.
Priority Gap Queue
Conditional Access Journey Map
End-to-end policy journey from identity to enforcement, with misconfiguration hotspots, best-practice validation, and ATT&CK mapping.
Policy Remediation Design Path
Clear phased remediation path to remove critical gaps, reduce duplication, and harden policy enforcement.
Defender for Endpoint Policy Posture
Policy-level visibility across assignment coverage, configuration compliance, detection outcomes, communication freshness, and control gaps.
Endpoint Compliance & Communication
OS cohort posture based on policy compliance reporting, last communication, and unresolved policy gaps.
MDE Policy Inventory Explorer
Showing 0 policies
Microsoft Secure Score Recommendation Gaps
Control-level recommendations pulled from Microsoft Graph Security secureScores and secureScoreControlProfiles, grouped by workload to show where secure-score gaps remain.
Recommendation Breakdown by Workload
Defender Stack Compliance
Defender Health
Latest Platform Version
n/a
Coverage
0.0%
Compliance & Gap Reports
Generate criteria-based compliance and gap reports across Cyber Essentials, CIS, NIST, ISO 27001, NIS2, Secure Score, MDE posture, Conditional Access, endpoints, and vulnerabilities.
Risk Landscape
Priority Actions
Report Preview