Security Reports
Xshield Security Reports provide a clear, risk-focused view of an organization’s security posture by analyzing real traffic, allowed paths, and policy posture across the environment. The reports translate connectivity and exposure data into actionable insights that help organizations understand how breaches occur, how they spread, and how quickly they can be contained.
Built to support Zero Trust and microsegmentation, Xshield Reports focus on attack surface, lateral movement and blast radius, enabling teams to move from visibility to measurable breach readiness.
Why Security Reports Matter in a Breach Readiness Context
Most breach impact comes from lateral movement after initial compromise. Xshield Reports enable teams to:
- See how a single asset compromise can spread internally
- Prioritize controls that reduce reachable assets and blast radius
- Validate Zero Trust posture using observed traffic, not assumptions
- Track risk reduction as segmentation is applied
What Xshield Security Reports Do
In Xshield, breach readiness is defined by how quickly and effectively an organization can contain lateral movement after an initial compromise.
Security Reports help organizations:
- Identify attack surface from exposed ports, inbound paths, and internet-facing assets
- Measure blast radius based on allowed outbound and lateral connectivity
- Highlight lateral movement exposure across management, infrastructure, and application services
- Understand reachable assets and shared infrastructure dependencies
- View exposure across assets, environments, and segments
By focusing on containment and isolation, reports enable security teams to move from reactive defense to breach-ready operations.
Types of Xshield Reports
Xshield Reports move beyond visibility by showing where segmentation and policy changes reduce breach impact the fastest and act as a feedback loop for Zero Trust policy design.
Xshield provides two types of reports to help organizations understand, track, and reduce security risk. Together, these reports support both baseline security visibility and advanced breach readiness analysis.
- Breach Ready Segmentation
- Breach Readiness Impact Assessment
1. Breach Ready Segmentation
Breach Ready Segmentation report provides a foundational view of exposure and risk across assets, environments and segments. The report focuses on exposure-driven risk measurement.
This report provides
- An overview of breach impact for the selected scope, summarizing the current security risk state
- Segment-specific breach impact states, including:
- Attack Surface – exposure created by inbound paths, open ports, and internet reachability
- Blast Radius – exposure created by outbound paths and lateral connectivity
- Milestones and recommendations required to move from the current state toward a Target Breach Impact Score
- Mapping of MITRE ATT&CK techniques to the services and ports applicable for the selected segment(s)
These reports help teams understand where exposure exists, how it contributes to breach impact and what changes are required to reduce risk over time.
2. Breach Readiness Impact Assessment
The Breach Readiness Impact Assessment (BRIA) is a business-aligned security assessment report that evaluates how prepared an organization is to contain and limit the impact of a breach. Rather than focusing only on exposed ports or individual assets, BRIA examines how a breach would affect operations, how far it could spread, and what actions reduce risk most effectively.
This report is designed for both security and business stakeholders, providing a shared view of technical exposure and business impact.
What is a Breach Readiness Impact Assessment (BRIA) report?
Breach Readiness Impact Assessment (BRIA) is an impact-driven security report that combines exposure analysis with quantified business risk. It assesses breach readiness by evaluating attack surface, lateral movement potential and blast radius. It then translates these technical factors into operational and financial impact.
The report does not enforce controls or automatically remediate issues. Instead, it provides decision-support insight to guide segmentation and access control strategies.
What the Report Shows
Breach Readiness Impact Assessment (BRIA) presents a consolidated view of breach risk, including:
- Overall breach impact and potential operational disruption
- How exposure is distributed across all Assets
- Internet-facing and internal services that contribute to breach spread
- Lateral movement risk driven by management, infrastructure and application ports
- Mapping of exposed services to MITRE ATT&CK techniques
- Data-driven recommendations and milestones to reduce breach impact over time
Together, these insights explain why the current risk exists and provide recommendations to reduce it.
Creating Reports
Create Breach Ready Segmentation Report
There are 2 ways to create a Breach Ready Segmentation Report:
- Option 1: Navigate to the Reports section in the Navigation bar and select the Create Report option. Then, select the Breach Ready Segmentation Report from the dropdown and select the segments you want to include in the report.
- Option 2: Navigate to the Segments page and select the segments you want to include in the report, then select the Create Report button.
Create a Breach Readiness Impact Assessment Report
Navigate to the Reports section from the navigation bar and select Create Report. From the report type dropdown, choose Breach Readiness Impact Assessment Report.
Provide the required details, including the Report Name and report criteria, and proceed to create the report.
After creation, you can preview the report and export it as a PDF directly from the Reports page.
Report Access and Permissions
The following roles can generate and download reports
| Role | Create Reports | Download Reports |
|---|---|---|
| Administrator | Yes | Yes |
| Auditor | Yes | Yes |
| Constraint-Based Users (Read & Write access) | No | Yes |
| Read Only | No | Yes |
Summary
Xshield Reports help organizations move beyond generic security posture reporting by making breach risk measurable and explainable. The reports show how a single compromise can escalate across the environment, and highlight the actions that most effectively reduce blast radius and containment time. They enable clear communication with leadership around risk, readiness, and investment, while providing a structured, time-bound path to improve breach containment.