Skip to content

Issue diamond (prioritization)

Nanitor lists its detected issues both as a flat list and in a diamond view to display issues with ranked priorities according to an issue's prioritization score. Navigating to the Nanitor issue diamond (Issues -> Diamond) will show issues positioned in a diamond, to make it visually pleasing and so it is clear that the issues with the highest priority are at the top. It will also list issues separated into Nanitor's defined priority categories (P0, P1, or P2).

The Nanitor issue diamond view

The issues to be displayed in the Nanitor diamond (to the left) and the priority category list (to the right) can be filtered on various aspects (e.g. by issue type) from the filter selection options above the diamond. Clicking on one of the numbers of detected issues in the diamond will navigate you away to the issue detail list view filtered on the selected issues.

The Nanitor diamond reveals the detected security problems according to their calculated priority ratings in a 45-degree rotated square (diamond). The diamond is a 10 by 10 square where each square represents a range of priority ratings for the issue and asset. Each square shows the number of issues in the corresponding issue priority range whose most important asset is in the corresponding asset priority range.

Issue diamond rotated

In the image above the diamond is rotated for clarity, showing that there are 2 issues located in the top right square. In the top right square fall all issues where the issue priority and highest asset priority round to 10 (at least 9.5). The 1 issue placed on the square to the left of the top right square represents all issues where the issue priority is round to 9 (at least 8.5 and less than 9.5) and the asset priority round to 10, and so on.

The used color palette indicates in general the severity of the detected issues and can be considered a good guideline on the issues that need to be remediated at each time. Keep in mind that resolving an issue on the most critical assets might rank the issue lower since the prioritization score is a product of the issue priority and the maximum of the asset priority where the issue has been detected on. The issues represented in the square do not indicate how many assets an issue has been detected so it does not tell anything about the impact of the issue on the entire IT infrastructure. Issues located in the top diamond should always be addressed at any time within 30 days as the best security advice.