Hamish Burke | 2025-06-29

Power BI Dashboards

• Have free license with uni
• https://app.powerbi.com/home?experience=power-bi

Terminology

• Visualisation
  • Interactive chart that allows for slicing, filtering, and drilling into data
• Semantic Model
  • Container of data used to build reports, dashboard and apps. Can combine multiple data sources into a single model
• Report
  • Multipage, interactive
• Dashboard
  • Single Page
• Exploration
  • A single chart/matrix that can be added to a report/dashboard

Security Operations Dashboard

Things to include:

• Top vulnerabilities by CVE score (bar chart: CVE ID vs Severity Score)
  • Reporting Desktop Vulnerabilities
• Expiring certificates (Table + colour flag: hostname, cert_name, exp data)
  • Automating Certificate Renewal
• Sign-in failures by IP/User (Matrix: (User),(IP, Failure Count))
• Inactive accounts (Card + table: Count of users)
  • Auto-Disabling Unused Active Directory Accounts
• Security Alerts Trend (last 30d) (Line chart: Date vs alerts_count)
• Unpatched Endpoints Count (Donut chart + card: Summ of missing_patches_count per OS)

Data sources

• Defender (DeviceTvmSoftwareVulnerabilities)
• Acme.sh logs
• Azure AD Logs
• AD via PS (powershell scripts could upload this to a sharepoint list as suggested)
• Sentinel/Defender (whatevers used)
• Intune/SCCM (for unpatched endpoints)

Dashboard Features

• Role-based views
  • Manager: Just KPI's and weekly changes (more overview)
  • Analysts: Drilldowns, specific details
• Scheduled Refreshes (depended on TTL of data)
  • For certs, daily?
  • Auth logs, hourlys
• Pair with Power Automate for alerts
  • Trigger email/teams msg if something exceeds a threshold

Asset Management Dashboard

Asset (
  hostname,
  asset_tag,
  os_name,
  os_version,
  patch_status,
  owner_name,
  department,
  last_seen,
  cve_count,
  cert_expiry_date,
  is_virtual,
  warranty_expiry,
  location
)