Device and Coverage

The Device and Coverage domain provides assurance that all your devices are running the required security tools and controls.

Panaseer ingests data from sources across your security, IT and business tools, to create comprehensive asset inventories. This allows you to compare the coverage of all your data sources against the Panaseer inventory.

For example, you can ensure that all devices are in the CMDB, along with useful information brought in from other tools; have the right endpoint tools deployed; or are being picked up by your vulnerability scanners. And so much more.

Benefits

Validate the coverage of tools and controls running on your devices.
Find gaps in the coverage of your tools and controls.
Prioritize remediation of coverage tools based on business risk.
Consolidated, validated view of data from a range of tools.
Measure performance against your SLAs and track changes.

Spotlight metric

Performance across controls

This dashboard provides coverage metrics for a range of security tools.

It tells you what percentage of your devices are present on that tool. Whether it's devices recorded in the CMDB, devices protected by your EDR, or devices scanned by your vulnerability scanner. These coverage metrics are crucial for providing context of what you're measuring but also highlight gaps in coverage than you can fix to improve your overall security posture.

Example connectors

Entra ID / Azure AD

ServiceNow

CrowdStrike

Available metrics

Type	Name	Description
Informational	Devices With Control Check Failures	The number of devices in the Panaseer Inventory that have a status of Failed
Informational	Devices With Control Check Status	The number of devices in the Panaseer Inventory that have a status
Informational	Devices failures (percentage)	The percentage of devices failed
Informational	Accounts in Group	The number of accounts in the Panaseer Inventory (with group ID)
Informational	Accounts associated with Person	The number of accounts in the Panaseer Inventory (with person ID)
Informational	Hosted Applications	The number of hosted applications in the Panaseer Inventory (with device ID)
Informational	Applications associated with Person	The number of applications in the Panaseer Inventory (with person ID)
Informational	Devices hosting Application	The number of devices in the Panaseer Inventory (with app ID)
Informational	Devices associated with Person	The number of devices in the Panaseer Inventory (with person ID)
Informational	Groups containing Account	The number of groups in the Panaseer Inventory (with account ID)
Diagnostic	Applications never vulnerability scanned	The number of applications that have never been scanned for vulnerabilities
Coverage	Cloud accounts in CSPM	The number of cloud accounts that are in the CSPM
Coverage	Cloud accounts not in CMDB	The number of cloud accounts that are not in the CMDB
Coverage	Cloud accounts not in CSPM	The number of cloud accounts that are not in the CSPM
Informational	Accounts	The number of accounts in the Panaseer Inventory
Informational	Applications	The number of applications in the Panaseer Inventory
Informational	Cloud Accounts	The number of Cloud Accounts in the Panaseer Inventory
Informational	Databases	The number of databases in the Panaseer Inventory
Informational	Devices	The number of devices in the Panaseer Inventory (with granular filters available)
Diagnostic	Devices expected in at least 1 control	The number of devices expected in at least 1 control
Diagnostic	Devices expected in at least 2 controls	The number of devices expected in at least 2 controls
Diagnostic	Devices expected in at least 3 controls	The number of devices expected in at least 3 controls
Diagnostic	Devices missing from at least 1 control	The number of devices missing from at least 1 expected control
Diagnostic	Devices missing from at least 2 controls	The number of devices missing from at least 2 expected controls
Diagnostic	Devices missing from at least 3 controls	The number of devices missing from at least 3 expected controls
Informational	Devices	The number of devices in the Panaseer Inventory
Informational	Groups	The number of groups in the Panaseer Inventory
Informational	People	The number of people in the Panaseer Inventory
Informational	Installed Software	The number of installed software in the Panaseer Inventory
Diagnostic	Devices missing from at least 1 control	The percentage % of devices expected in but missing from at least 1 control
Diagnostic	Devices missing from at least 2 controls	The percentage % of devices expected in but missing from at least 2 controls
Diagnostic	Devices missing from at least 3 controls	The percentage % of devices expected in but missing from at least 3 controls
Compound risk	Device coverage and Vulnerabilities with owner phishing tests	The number of devices with vulnerabilities and who's owner has received a phishing test
Compound risk	Vulnerability detections with device coverage information	The number of vulnerability detections on devices (includes devices tool coverage information)
Compound risk	Unique Devices associated with People	The number of devices with relationships to people
Compound risk	Unique Devices hosting Application	The number of devices in the Panaseer Inventory hosting applications
Compound risk	Unique Devices not hosting Application	The number of devices in the Panaseer Inventory not hosting applications
Compound risk	Unique People without Standard Accounts	The number of People without standard accounts
Compound risk	Unique People without Standard Accounts (internal)	The number of People without standard accounts (internal)
Compound risk	Unique Devices without Owner	The number of devices in the Panaseer Inventory without owner

New metrics for 2026

Type	Name	Description
Policy	Devices missing from vulnerability scan	The percentage of devices expected in but missing from a recent vulnerability scan
Policy	Devices missing from SCCM	The percentage of devices expected in but missing from SCCM
Policy	Devices missing from IP vulnerability scan	The percentage of devices expected in but missing from a recent IP vulnerability scan
Policy	Devices missing from EDR	The percentage of devices expected in but missing from EDR
Policy	Devices missing from device manager	The percentage of devices expected in but missing from device manager
Policy	Devices missing from CMDB	The percentage of devices expected in but missing from CMDB
Policy	Devices missing from BigFix	The percentage of devices expected in but missing from BigFix
Policy	Devices missing from AV	The percentage of devices expected in but missing from AV
Policy	Devices missing from authenticated vulnerability scan	The percentage of devices expected in but missing from a recent authenticated vulnerability scan
Policy	Devices missing from AD	The number of devices expected in but missing from Active Directory
Policy	Devices expected in vulnerability scan	The number of devices expected in vulnerability scan
Policy	Devices expected in SCCM	The number of devices expected in SCCM
Policy	Devices expected in IP vulnerability scan	The number of devices expected in IP vulnerability scan
Policy	Devices expected in EDR	The number of devices expected in EDR
Policy	Devices expected in device manager	The number of devices expected in device manager
Policy	Devices expected in CMDB	The number of devices expected in CMDB
Policy	Devices expected in BigFix	The number of devices expected in BigFix
Policy	Devices expected in AV	The number of devices expected to have AV
Policy	Devices expected in authenticated vulnerability scan	The number of devices expected in authenticated vulnerability scan
Policy	Devices expected in agent vulnerability scan	The number of devices expected in agent vulnerability scan
Policy	Devices expected in AD	The number of devices expected in Active Directory
Diagnostic	Devices with software	The percentage of devices with software installed
Informational	Installed software	The number of installed software in the Panaseer Inventory
Informational	Devices with software	The number of devices with software
Informational	Service Instances	The number of service instances in the Panaseer Inventory
Informational	Business services offering	The number of business service offerings in the Panaseer Inventory
Informational	Business services	The number of business services in the Panaseer Inventory
Diagnostic	Applications never vulnerability scanned	The number of applications that have never been scanned for vulnerabilities
Compound risk	Groups containing Account	The number of groups in the Panaseer Inventory (with account ID)
Compound risk	Accounts in Group	The number of accounts in the Panaseer Inventory (with group ID)

Metrics and Measures

Vulnerability Management metrics

Next domain