We tend to pry information out of RedSeal in a number of ways, some of them a little unorthodox. :)
The top areas we use are:
1) Risk map - automated extraction of risk map data via the API for trending and blending with other data sources.
2) Vulnerability information - auto. extract of vulnerability reports via the BIRT interface for additional blending and reporting at levels from an individual contributor all the way up to executive leadership.
3) Access information - by populating RedSeal with our business application<->system information from our CMDB, we can then report on which applications are reachable from identified threat sources. This reachability information is extracted via the API for consumption in our regular application risk reviews.Reply