Security teams today face a critical disconnect where they can report that 95% of devices are patched or that endpoint detection is deployed across the network, but they cannot answer whether their most important business services are secure.
Traditional cybersecurity approaches organize data around technical assets like servers, applications, and devices, creating a blind spot when it comes to understanding which critical business services are at risk.
With some cyber frameworks now demanding service-level accountability and evidence of resilience, this inability to connect technical controls to business outcomes has become a strategic liability.
What can Panaseer's Business Lenses do for you?
Panaseer's Business Lenses transform how you can visualize and manage cyber risk by mapping technical assets and security controls to the business services they support.
Rather than viewing security data through a device-centric lens, business lenses organize metrics around what you and regulators care about, the health and resilience of important business services like payments, trade execution, or document signing.
Refer to What do I need to use Business Lenses? for more information on the minimum requirements for your organization.
Panaseer currently includes three lenses, mapped to three elements in the ServiceNow Common Service Data Model (CSDM v4.0), or a compatible alternative. Each higher-level lens includes all the information from levels below, all the way to the technical services domain (devices mapped to application service instances), enabling flexible dashboard filtering in Panaseer dashboards.
For more information on ServiceNow’s Common Service Data Model, refer to the CSDM 4.0 White Paper.
- Business Service Lens: Highest level, aggregates risk by core business service types. For example, a customer payment processing service.
- Business Service Offering Lens: Sits under BSL, showing risk for specific defined service commitments, such as subsidiaries or legal entities, helping to segment compliance and risk by division or product line. For example, online card payments for retail customers.
- Business Application Lens: Sits between the Business Service Offering and Application Service lenses, aggregating risk across all instances of a given application regardless of deployment environment, helping you understand the overall security posture of a specific application before drilling into individual deployments. For example, a UK payments engine across all environments.
- Application Service Lens: Lowest level, shows risk for a single deployment of an application or service instance, supporting technical workflows and granular remediation. For example, the production environment deployment of a UK payments engine.
Currently, lenses are only applied to the device inventory, so only device-centric metrics are compatible. We may expand inventory coverage in a future release.
Key Benefits of Business Lenses
- See risk where it really matters: Understand how controls failures affect the business services your customers rely on every day.
- Focus remediation on what drives your business: Prioritize security efforts based on which systems support critical services rather than treating all technical gaps equally.
- Make compliance and audits easier: Quickly show which services meet regulatory requirements with defensible evidence that aligns with cyber frameworks.
- Business Lenses are centralized: A change to a ServiceNow business service table updates the Panaseer inventory and trickles down to all relevant metrics. In contrast, Business Logic must be deliberately maintained and often needs to be updated in multiple places.
- It is standardized: We can easily link to any additional enrichment as long as it is populated in the ServiceNow tables Panaseer ingests.
How do I filter a dashboard using Business Lenses?
You can quickly apply a temporary lens by selecting a lens from the dropdown in a dashboard and then selecting a filter from the menu.
Adding a temporary lens
If you want to save an applied lens in a dashboard, click the Edit button to select the required lens and apply any filters that you need.
Saving a lens in a dashboard
Some metrics are not compatible with a selected lens. Metrics that cannot be used are grayed out for clarity.
This architecture lets you build dashboards that answer key questions by applying filters and breakdowns aligned with chosen business lenses. For example, filtering by the Business Service Lens helps identify vulnerable assets under a core service, while the Application Service Lens visualizes risk in a specific workflow.
What do I need to use Business Lenses?
Panaseer's Business Lenses implementation relies on our ServiceNow integration, certain inventories, and the relationships between those inventories and asset types. Refer to About Inventories for more information on Panaseer inventories.
Please contact your Customer Success representative for more information on how to get Business Lenses working for your organization.
To benefit from Business Lenses, your organization must have:
- ServiceNow aligned to the Common Service Data Model (CSDM) version 4.0, or a compatible alternative, with populated data unique to your business for relevant asset types and the relationships between them. For example, Business Service assets. These tables should be populated:
- svc_ci_assoc: The relationships data between business assets.
- cmdb_ci_service_discovered: The Application Service Instance data mapped to devices.
- service_offering: The Service Offering data required for the Business Service Offering and Business Service lenses.
- cmdb_ci_service_business (optional): The Business Service data required for the Business Service lens.
- A compatible version of the Panaseer ServiceNow managed connector.
- At least one of Panaseer’s device-centric Continuous Controls Domains:
- Device Coverage
- Endpoint Protection
- Infrastructure Configuration
- Patch Management
- Vulnerability Management
Legacy Insight Modules may benefit from the lens capabilities on a sub-set of metrics.
Comments
0 comments
Please sign in to leave a comment.