Skip to main content
availability

Package: Invicti AppSec Core (on-demand)

Monitor a target's risk

Drill into a single target to see how risky it is right now, which vulnerabilities are overdue, and how quickly your team is closing them - so you can decide where to focus remediation effort. This document explains how to open the target dashboard and how to read each metric and chart it shows. The dashboard opens automatically after you create a target, and you can return to it any time from the targets list.

To navigate to a target dashboard:

  1. Select Inventory > Targets from the left-side menu.
  2. Click the target name to open its dashboard.

Why this matters

Without a target-level view, every vulnerability looks the same. The target dashboard helps you spot which targets are deteriorating, where SLAs are slipping, and which scanner is doing the heavy lifting - so remediation effort goes where it matters.

Read the target's risk at a glance

Use these metrics to answer the question "how exposed is this target right now?":

Target dashboard metrics row showing the Open Vulns, Risk Score, Known Exploit, Vuln. Score, Issues, Overdue, WOE, and MTTR tilesTarget dashboard metrics row showing the Open Vulns, Risk Score, Known Exploit, Vuln. Score, Issues, Overdue, WOE, and MTTR tiles
  • Open vulnerabilities - total count of new and recurrent vulnerabilities found for this target, broken down by severity. Use it to see how much remediation work is still on your team's plate.
  • Risk score - a single number summarizing this target's exposure, shown at organization and project level. Use it to compare targets and prioritize the riskiest ones first.
  • Known exploit - vulnerabilities with a known public exploit. These deserve immediate attention because an attacker doesn't need to develop new tooling to use them.
  • Vulnerability score - vulnerability score for this target on a 0-10 scale, shown at organization and project level. Use it to gauge how severe - not just how numerous - the open work is.
  • Issues - vulnerabilities that have an open issue in an integrated issue tracker. Use it to see which findings have already been handed off to engineering.
  • Overdue - vulnerabilities past their SLA. Address these first to bring the target back into compliance.
  • WOE (Window of Exposure) - average age of open vulnerabilities in days, by severity. A growing WOE means your team is falling behind on this target.
  • MTTR (Mean time to remediate) - average time to close a vulnerability, by severity. Track this to see whether remediation is getting faster or slower.

Investigate where the risk comes from

Use the charts to dig past the headline numbers and find which scanner, severity, or ASVS category needs your attention. The target dashboard shows the same charts as the organizational dashboard, scoped to this target alone - for descriptions of each chart type, refer to the Dashboard overview document.

For background on ASVS compliance scoring, refer to the Track ASVS compliance for a target document.

Troubleshooting

The dashboard shows zero data after I created the target

The dashboard populates only after a scan runs against the target. Start a scan, and the metrics and charts update once the scan completes.

The risk score hasn't changed after I closed vulnerabilities

The risk score recalculates when new scan results come in. Re-scan the target so the score reflects the current open vulnerabilities.

The ASVS compliance chart is empty

The ASVS chart needs a business criticality level set on the target so it knows which criteria to evaluate against. Set the criticality level on the target, then re-open the dashboard. For more information, refer to the Track ASVS compliance for a target document.

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Was this page useful?