HailBytes ASM: MSSP Portfolio View Now Shows Per-Client Security Metrics

For MSSP operators managing a portfolio of client projects in HailBytes ASM, the All Projects page has always been the logical starting point for a morning triage session. Until now, it showed exactly four columns: name, description, slug, and an actions menu. Every meaningful question — which clients have open critical findings? whose scans failed overnight? who is approaching their asset budget? — required clicking into each project individually.

That changes with today’s update. The portfolio table now surfaces the metrics that actually drive triage decisions directly in the list view, so the first screen is genuinely actionable.

The Problem with Click-Through Triage

An MSSP managing fifteen client projects in HailBytes ASM would previously start each shift the same way: open project one, check scan status, check open findings, navigate back, open project two, repeat. At five projects the friction is manageable. At fifteen or twenty it’s a material time cost, and the pattern breaks entirely during an incident when you need to determine which clients are affected across the portfolio in under a minute.

The issue is a classic signal-to-noise problem: the information existed, it just required navigating to it. Moving those four data points into the portfolio table collapses what was a multi-minute workflow into a single page load.

Color-Coded Risk Flags

The metrics are not just displayed — they’re used to visually escalate rows that need attention. A project with unacknowledged critical-severity findings renders the entire row in red, with a red badge on the critical count. The intent is that a scan-status check in the morning should surface the most urgent items at the top of your attention without requiring you to parse each row individually.

Budget utilization follows the same logic: rows approaching or exceeding a project’s configured ProjectQuota display an amber or red badge, so capacity surprises are visible before they become billing conversations.

No Additional Database Load

Adding four new data dimensions to a table that could contain dozens of rows is a query-load decision as much as a UX decision. The implementation uses a bounded set of grouped aggregates — one query for open critical counts across all projects, one for open high counts, one for the latest scan per project — plus a call to the existing billing rollup that already resolves ProjectQuota budgets. There are no per-row queries; the page load cost is the same whether you have five projects or fifty.

Who Benefits

This change targets two groups specifically. First, MSSP analysts who use the All Projects page as a daily work surface and have been maintaining mental notes or external spreadsheets to track per-client risk state. Second, vCISOs and security program managers who check in on portfolio posture less frequently but need to assess the overall picture quickly when they do.

For both, the goal is the same: the list view should be the answer to “which of my clients needs attention right now,” not the starting point for finding the answer.

Getting the Update

This change is available now in the latest HailBytes ASM release on the AWS Marketplace and Azure Marketplace. Existing deployments update by pulling the latest Docker image. No configuration changes are required — the portfolio metrics populate automatically from existing scan and billing data as soon as the update is applied.