Managed Risk Portal Updates

Managed Risk in Unified Portal

Arctic Wolf will soon be launching Managed Risk in Unified Portal (MR in UP), the next iteration of our risk exposure platform to discover, assess, and harden your environment against digital risks. This document outlines the capabilities users will have access to starting August 28, 2025 and identifies important changes to the product and distinctions between the legacy system and the experience in Unified Portal.

Key Features:

Please note that your data and access to the legacy Managed Risk applications will not be affected by the launch of Managed Risk in Unified Portal.

User Experience

Managed Risk in Unified Portal will provide access to several new pages in the Arctic Wolf Unified Portal. These pages will be accessed by new options introduced in the side navigation menu under Managed Risk.

navigation menu

Risk Exposure Overview

The Risk Exposure Overview page has widgets and visualizations that highlight critical metrics about your environment and risk posture and provides quick entry points into more detailed views of your risks and assets.

Risk Exposure Score Widget

This widget shows the organizational level risk score that is derived from all the assets in the organization and represents an organization's risk exposure through the vulnerability prevalence on the assets.

risk exposure score widget

Common Metrics Cards

These cards capture commonly viewed metrics about the risks found in the user's environment. Each card will navigate to a filtered view in the Risks Page when selected.

common metrics cards

Top Vulnerabilities Widget

Provides visibility into the most prevalent risks in the organization, sorted by Risk Score and then count. Clicking on any of the various fields will navigate to filtered pages for additional details or supporting documentation.

top vulnerabilities widget

Top Known Exploitable Vulnerabilities Widget

To help drive visibility into the potentially most critical risks in the user's environment, this widget identifies those vulnerabilities that are part of the CISA Known Exploited Vulnerabilities (KEV) catalog. Clicking on any of the various fields will navigate to filtered pages for additional details or supporting documentation.

top known exploitable vulnerabilities widget

Risks by Source Widget

This widget allows users to see how their risks are distributed across the different scan sources they employ. Currently only showing Agent and Internal Vulnerability Assessment (IVA) sources, this will be expanded as more sources become available. Clicking on any of the chart elements will take the user to a filtered view in the Risks Page.

risks by source widget

Where appropriate, users can configure the time window for the data being shown, for example, New Risks over the last 7 Days.

Risks Page

The Risks page is the workbench for your risk management program and represents a view of all the risk findings across your environment. From here, you can apply the necessary filters and sorting criteria to produce a list of the most critical risks in your environment you want to remediate.

risks page

The user interface provides increasing levels of detail to allow easy access to important risk and asset information.

expanded row
risks details

Filtering, Export, column selection and other display options are accessed via the selections on the top-right of the risk table.

table controls
filters modal

Group by Vulnerability

To help manage the quantity of risks found by the scanners, we have introduced the “Group by Vulnerability” view that will aggregate the risks together under the vulnerability name and provide counts for open and resolved risks. This allows users to quickly understand the most prevalent vulnerabilities in their environment and also track their remediation “burn down”.

group by vulnerability

Important Differences

Some important changes about the risks in the Unified Portal versus the experience in the legacy Risk Dashboard:

  1. Risk Granularity - The legacy Risk Dashboard applied some default grouping to risks, mainly those associated to Agent scans. The default risks in Unified Portal view is mostly derived from findings based on a specific CVE, so users will see an increase in the overall number of risks in their environment. Some findings will still group some CVEs together based on our detection logic.
  2. Risk Lifecycle - Depending on the risk source, in the legacy Risk Dashboard users need to manually transition the risk State to ensure it would move to a mitigated state if it was found remediated. Risks in Unified Portal do not require any manual intervention as part of the risk lifecycle.
  3. Scores and Counts - Risks in Unified Portal (along with My Assets) uses new backend systems to manage assets and risks, so users should not expect aggregated values (e.g. New Risks) or the Organizational Risk Score values to be the same as what they see in the legacy Risk Dashboard.

Users can access online documentation at any time by choosing the “Learn More” link in the upper right corner of the blue Managed Risk Early Access banner at the top of the page.

learn more

Known Limitations and Issues

In its current state, Managed Risk in Unified Portal does not have complete feature parity with Risk Dashboard and users will continue to have access to their legacy systems and data. Below are some limitations of the initial release of MR in the UP:

  1. Agent and IVA Risks Only
    • Similar to the My Assets page MR in UP pages will only display risks associated with Agent and your internal Vulnerability Assessment (IVA) scanners. Risks from the External Vulnerability Assessment (EVA) scanners will be introduced in the future (estimated October 2025.)
  2. IP address-only Assets
    • Discovered assets that can only be identified by an IP address will not have risks associated with them. We are working to improve our “signal strength” to have more attributes associated with each asset that allows us to better de-duplicate asset and risk instances.
  3. Asset Tagging
    • Any tagging needs for assets will still need to be done in the assets section of the legacy Risk Dashboard. There is a daily process that will run to synch any asset tag changes made in Risk Dashboard to the My Assets page in Unified Portal.
    • Asset Tagging in My Assets will be available in October 2025
  4. Agent Scans: CIS Benchmark and de-bug scan reports
    • MR in UP does not currently provide a way to access these reports so users will need to use the legacy Risk Dashboard>Agent>Agent Scan Details page.
  5. Management Plans
    • This functionality will be migrated in a later release

Getting Support

The standard Arctic Wolf support processes apply to Managed Risk in Unified Portal. Please create a Zendesk ticket to engage your CST or CSM and they will escalate appropriately.