The Major Days widget identifies the specific dates responsible for significant changes in security posture. The widget synthesizes complex telemetry, such as asset onboarding, vulnerability discoveries, or completed remediation cycles, into a prioritized list of impactful events. Each entry details the specific security event causing the metric change and includes direct navigation links for data validation.

A Major Day is a calendar date where the platform detected a significant spike or drop in your Exposure or Maturity scores.

The widget highlights these days to show the direct impact of operational changes, such as:

Each Major Day is presented as a summary card that quantifies the impact of that day’s activities across the platform's risk model.
​

These metrics explain why the day was chosen as "Major." They represent the most significant fluctuations in your risk and capability levels for the selected period.
​

Once a day is selected based on Exposure or Maturity, the card also displays the corresponding shifts in Likelihood and Cost of Breach. These provide the "business-risk" perspective:

A bulleted list summarizes the specific events behind the numbers. These narratives are derived from the same underlying graph data that drove the metric shifts, providing a plain-language explanation of the day's operational reality.

Every Major Day card features a navigation icon (↗) next to the date.

Clicking this icon redirects the view to the Audit Logs with the corresponding date filter automatically applied. This enables the granular review of telemetry events, such as specific CVE detections or configuration changes, that drove the score fluctuation.

The Major Days widget provides the factual anchor for your security timeline. By surfacing the most impactful days and showing how they affect multiple metrics, you can justify security investments and see the real-world impact of your team's work.