Goals and SLAs

Goals and SLAs is an InsightVM feature that helps you reduce overall risk and improve the security of your environment. You can track your remediation efforts by identifying goals and defining metrics to measure against those goals. To help you view your progress, you can add goal cards to dashboards.

This guide will introduce concepts about goals and SLAs and walk you through the steps of creating a time bound example.

Goal Types

A goal is a metric that you can use to evaluate your remediation efforts. You can build goals to track and measure progress against your vulnerability and asset data to help evaluate your organization’s overall security performance.

You can create three types of goals:

Time Bound Goals

A time bound goal lets you specify metrics based on a target date. It is a one-time goal with a set deadline and is suited for data scopes that do not change. After you achieve the goal, you most likely will not encounter it again.

For example, let’s say you have 150 assets that use Windows 10, but that operating system will become obsolete by October 2025. Since you’ll need to upgrade those 150 assets before October, you can create a time bound goal to help you track the systems that need to be upgraded before that date.

Examples include:

  • Remove 100% of Windows 7 desktops across the entire organization by January 14, 2020.
  • Reduce the number of exploitable vulnerabilities in Boston by 50% by December 2020.
  • Reduce the number of assets with critical vulnerabilities to less than 10% by June 15, 2022.

Continuous Goals

A continuous goal lets you monitor progress or criteria without a time limit, such as a rule or a key performance indicator. If you want to keep track of a recurring event or condition to ensure you’re compliant, use a continuous goal to monitor any new occurrences or status changes. A continuous goal helps you track repeatable events or conditions that can change with each scan or agent data collection.

For example, if you need to keep port 22 closed on all assets, you can create a continuous goal to monitor if any assets have an open port 22.

Examples include:

  • All external-facing assets must have a closed SSH port.
  • All critical assets should have had a successful credential scan.
  • 95% of our Linux assets must not have novice-level vulnerabilities.

SLAs

An SLA lets you track remediation over a dynamic time span as part of your organizational targets. An SLA monitors recurring events or conditions that can change with each scan, like a continuous goal, but under a designated time frame. This time frame starts on a rolling basis for each new vulnerability or asset discovered during scans or agent collection, so the SLA must be met or fixed for all instances within this designated time.

For example, you can use an SLA to monitor critical vulnerabilities on production systems to ensure they are patched within seven days after they are discovered. Because new vulnerabilities are constantly being discovered and systems should be patched and protected as soon as possible, you can’t use a time bound or continuous goal for this.

Examples include:

  • Remediate all critical vulnerabilities in production environments within three days of discovery.
  • Remediate all vulnerabilities that have a CVSS of 5 or greater on Windows Servers within 15 days of discovery.
  • Remediate all assets in Boston so that the asset risk score is less than 1000 within 10 days of discovery.
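
The difference between an SLA's rolling time frame and a time bound goal's single deadline can be seen in a short worked example. This is an added illustration, not InsightVM code or its API: the Finding record, the function names, the status labels and the sample data are all hypothetical, and it assumes a fix on the due day itself counts as on time.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class Finding:                          # hypothetical record, not an InsightVM schema
    asset: str
    severity: str
    discovered: date
    remediated: Optional[date] = None   # None means the finding is still open

def sla_status(f, window_days, today):
    """Rolling window: each finding's clock starts at its own discovery date."""
    due = f.discovered + timedelta(days=window_days)  # assumption: due day is on time
    if f.remediated is not None:
        return "met" if f.remediated <= due else "missed"
    return "open" if today <= due else "overdue"

def sla_report(findings, severity, window_days, today):
    """Group the in-scope assets by their SLA status."""
    report = {"met": [], "missed": [], "open": [], "overdue": []}
    for f in findings:
        if f.severity == severity:
            report[sla_status(f, window_days, today)].append(f.asset)
    return report

def time_bound_percent(findings, severity, deadline):
    """Single fixed deadline: percent of in-scope findings fixed by that date."""
    scope = [f for f in findings if f.severity == severity]
    done = [f for f in scope if f.remediated and f.remediated <= deadline]
    return 100 * len(done) / len(scope) if scope else 100.0

# Constructed sample data (asset names, severities and dates are made up)
TODAY = date(2024, 3, 20)
FINDINGS = [
    Finding("web-01", "critical", date(2024, 3, 1), date(2024, 3, 5)),
    Finding("db-01", "critical", date(2024, 3, 1), date(2024, 3, 12)),
    Finding("app-01", "critical", date(2024, 3, 16)),   # discovered after 15 March
    Finding("app-02", "critical", date(2024, 3, 10)),
    Finding("web-02", "moderate", date(2024, 3, 1)),    # outside the goal scope
]

if __name__ == "__main__":
    print(sla_report(FINDINGS, "critical", 7, TODAY))
    print(time_bound_percent(FINDINGS, "critical", date(2024, 3, 15)))
```

In the sample data, app-01 is discovered after the fixed 15 March deadline, so a single end date can never cover it, while the seven-day SLA window still gives it its own due date.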

Create a Goal or SLA

To create a goal or SLA, you will use a wizard to select your desired goal type, sort and define your data, establish the conditions you want to meet, and save.

Refer to this chart to help determine if you want to build a goal or SLA:

| Goal Type  | Data Scope      | Time Frame        |
|------------|-----------------|-------------------|
| Time Bound | Does not change | Specific end date |
| Continuous | Can change      | Ongoing           |
| SLA        | Can change      | Relative          |

The process for creating a goal is identical for goals and SLAs. To create a goal, you must first navigate to your goals page, which is where you can launch the goal creation wizard.

There are two ways to access your goals page:

  • From the InsightVM left menu
  • From the dashboard, by clicking the “View Goal Details” link on a goal card.

InsightVM Left Menu

To create a goal:

  1. Log into InsightVM.
  2. In the left navigation menu, click the Goals icon.
  3. When the “Goals and SLAs” page appears, click + New Goal in the upper right corner. This action will launch the wizard to create a goal.

Dashboard

To create a goal card on your dashboard:

  1. Log into InsightVM.
  2. In the left navigation menu, click the Dashboard icon.
  3. When the “Default Dashboard” page appears, click + Add Card in the upper right corner to launch the wizard to add a goal.

Note - Goals and queries

Creating goals relies on building queries to filter asset and vulnerability data in the Query Builder to narrow your scope.

Create a Goal

Here’s an overview of the steps:

  1. Select Goal Type
  2. Define Scope
  3. Specify Criteria
  4. Manage Goal

Create a Goal Example

We’ll also guide you through the steps of creating a time bound goal. These instructions will be in the “Time Bound Example” callout under each step. We’ll use this example:

I want to upgrade my assets from Windows 7 to Windows 10 by December 31, 2020.

Let’s get started.

Task 1: Select Goal Type

Before you begin, identify the criteria that you want your goal to measure and the goal type that aligns with what you want to achieve. After you’ve figured out the goal you want to build:

  1. Select the appropriate goal type:
       • Time bound
       • SLA
       • Continuous
  2. Click Continue >.

Time Bound Example - Select Goal Type

Since our example has a specific end date, the goal type you’ll select will be time bound:

  1. Select Time Bound.
  2. Click Continue >.

Task 2: Define Scope

You’ll use queries to narrow your data scope.

Note - Load Existing Queries First

If you want to use an existing query, you must first load it before adding new queries. If you Add an existing query after you build a new one, you will reset all of your work.

  1. You can either Load an existing query or click Add to create a new one.
  2. Click Apply to load your queries in the “Goal Scope” field. You can go to the next step by clicking Continue >, or you can build more queries by toggling “And” or “Or” to help string queries together.

Tip - More Queries Help Narrow Data

Adding more queries is optional, but helps cut your data down even more for faster processing.

  3. Once you are satisfied with your queries, click Continue > to go to the next step.

Under the “Goal Scope” field, you’ll see the number of assets and vulnerabilities dynamically change as you apply your queries. Click these numbers to display an asset and vulnerabilities table. The data will refresh as you add or remove queries.

Time Bound Example - Define Scope

Let’s take a closer look at how we would narrow our scope down. Using our Windows 7 to Windows 10 upgrade example, we first need to identify all assets that are currently using Windows 7.

To do that, follow these steps:

  1. Click Add.
  2. Type os in the field.
  3. Select os.
  4. Select ~>.
  5. Type windows 7 in the field.
  6. Click Apply to add your query to the “Goal Scope” field.
  7. Click Continue >.

Tip - What does “~>” mean?

When building queries in InsightVM, “~>” means “matches.” Understanding how to use operators is critical when building queries.

Task 3: Set Conditions

Next, you’ll specify the conditions you want your goal to meet by entering values into fields and building queries based on Assets or Vulnerabilities data. Note that the fields will vary slightly for each goal type.

  1. For Time Bound or SLAs, select Assets to add asset-based conditions or Vulnerabilities to add vulnerability-based conditions. Continuous goals are based only on assets.
  2. Add the conditions you want your goal to meet. Like the previous step where you defined scope, you’ll build a query to capture the condition(s) you want to achieve. See “Time Bound Example - Set Conditions” below if you want details on how to add conditions by building a query.
  3. After building your query or queries, click Apply.
  4. Complete the remaining fields and click Continue >.

Time Bound Example - Set Conditions

Before diving in, let’s take a look at the various fields used to set the conditions a time bound goal needs to meet:

  • Percentage Field
  • Select Assets or Vulnerabilities
  • Add Conditions
  • Select Due Date

Percentage Field

The first field displays the percentage of assets or vulnerabilities that must meet your goal specifications. If you remember our example, we want to upgrade our assets on Windows 7 to Windows 10. While we didn’t specify a percentage, we want all Windows 7 assets to upgrade, so we need to set the percentage to 100%.

To accomplish this, enter “100” in the percentage field.

Select Assets or Vulnerabilities

We need to select whether we want to measure assets or vulnerabilities. Select Assets, since we are looking for assets with Windows 7.

Add Conditions

Next, we have to create a query that captures what we want to achieve - in this case, we want assets on Windows 7 to upgrade to Windows 10. Just like when we previously defined scope using a query, we’ll also build a query to create the condition we want to meet.

To accomplish this:

  1. Click Add.
  2. Type os in the field.
  3. Select os.
  4. Select ~>.
  5. Type windows 10 in the field.
  6. Click Apply to add your query to the “Goal Scope” field.
  7. Click Continue >.

Set Due Date

Enter the date by which your goal’s conditions must be met. In our example, we want all assets running Windows 7 to upgrade by December 31, 2020. You can type in the date or use the date picker.

Task 4: Manage Goal

In this last step, you’ll enter a name and description to identify your goal. You can also assign your goal to a dashboard for easy reference. Click Finish.

After you create a goal, it will appear in the Goals tab, so you can see a quick snapshot of goals created by you and your security team, as well as manage your goals.

Note - SLAs must initialize

After creating an SLA, an “Initializing” status might appear in the "My Goals" table for a few minutes if the system is analyzing a large data scope.

Add a Goal Card on the Dashboard

After creating a new goal, you can add it as a card to any dashboard. See our Dashboard help doc for more information.

Follow these steps:

  1. In the left navigation, click the Dashboard icon.
  2. In the upper right corner, click + Add Card.
  3. In the pop-up window that appears, select Goals in the left column.
  4. Select your desired goal type by checking the appropriate box.
  5. Click Add. This action will add a goal card on your dashboard.