nevisReports Governance Dashboards

Governance dashboards make the governance of your security infrastructure easier than ever. Intuitive graphics present previous as well as current data across all main components. This enables the recognition of normal and abnormal behavior.

Benefits

nevisReports provides detailed, near real-time governance dashboards on the usage of all main components of your NEVIS Security Suite. You will be able to identify normal and abnormal behavior, which is crucial in detecting potential threats.

 

nevisReports aggregates log data and information from various sources into visually appealing dashboards for an improved overview of system activity. It has a scalable architecture that allows processing and visualization of large amounts of data.

 

Additionally, the governance dashboards can be customized in order for you to be able to focus on the dashboard items most relevant to you. The dashboards can be tailored to the requirements of any organization that wants to visualize and consequently analyze the usage patterns of its NEVIS environment.

 

 

What is it about?

Security today requires a holistic view on granted authorizations, authentication processes and identities. Every day, you need to protect your business applications, manage on- and offboarding processes and perform other crucial security-related functions.

 

Without a tool to summarize all these events, managing the complexity of your system can be daunting.

 

nevisReports solves this problem. Its governance dashboard provides selected information on important events across the main components of your NEVIS Security Suite.

 

You will not need to manually interpret reports from different components – the governance dashboard gives you a unified view on your data.

 

Report data is summarized in a visually pleasing format. Key figures on your NEVIS infrastructure are presented in a self-updating graphic.

 

You get an understandable overview of the entire system activity. This will help you define what is "normal" system behavior. Consequently, you will also see what is "abnormal" behavior and constitutes a potential threat, configuration issue or system malfunction.

 

 

Main Features

  • Multiple components – one dashboard
  • Comparison of previous to current data to recognize abnormalities
  • Dashboards are always based on the latest data (near real-time reporting)
  • Dashboard visibility can be restricted to specific user groups
  • Interactive charts with tooltips
  • Quickly find problems affecting individual business applications
  • Overview of dormant accounts and authorizations
  • Drill down to the dashboard's sources (detailed event logs) using nevisReports' governance reports

 

 

Dashboard Preview

Zoom

This NEVIS governance dashboard preview has much to offer: The wide variety of dashboard items shows how powerful nevisReports is. Intuitive graphics present you with an easily understandable overview, which allows the governance of your business applications.

 

 

Use Cases

Use Case 1 – Recognizing normal and abnormal behavior

You are tasked to check on the behavior of your applications in terms of concurrent sessions.

 

The close-up shows how the number of concurrent sessions over the last 24 hours compares to the numbers of concurrent sessions in the past. The black line indicates the activity during the last 24-hour period. The gray lines represent the behavior during previous days.

 

This is exactly what enables you to recognize normal and abnormal behavior. As long as the black line follows the same pattern as multiple gray lines, you are witnessing normal behavior.

 

Around twelve hours ago, however, the black line shows a completely different pattern. You are seeing abnormal behavior and are encouraged to look into its cause. It could be a security threat, system malfunction or configuration issue.

 

The tooltip functionality offers you more detailed information on this abnormality (or on any other data point). With this information, you can refer to the nevisReports governance reports to dig even deeper.

 

It is possible for there to be more than one pattern. For example, right now, it looks like the gray line on the bottom of the graph is a previous abnormality. However, if other lines had a similar path, it could constitute a second normality that happens, e.g., on the weekends.

 

Use Case 2 – Dormant accounts and authorizations

For a risk and compliance officer, it is important to know if issued accounts and authorizations are still necessary. It aids in evaluating your company's current exposure to threats and in making plans on how to minimize it.

 

Assume that since approximately two and a half months, efforts to reduce the number of dormant accounts as well as dormant authorizations to under 10% have been made.

 

The dormant accounts dashboard item shows how the number of enabled accounts that have been inactive for a specific, customizable time period has developed over the last few months.

 

In this case, you see that the measures you took are bearing fruits. The amount of dormant accounts was reduced to 9% of the total number of accounts.

 

The number of dormant authorizations per protected business application and per user can be observed in a similar way by monitoring the dormant authorizations dashboard item.

 

In this case, you can see that it has also decreased, but that there is still some room for improvement at 13%. You may choose to revoke even more dormant authorizations to further reduce your company's attack surface.

 

 

Architecture

nevisReports monitors and collects statistical data from nevisProxy, nevisAuth and nevisIDM. However, it has only minimal influence on their operation.

With the collected data, nevisReports then generates a governance dashboard, which is available to the users via the web.