Info |
---|
This document covers the various scoring calculations and methods used for the Asset(s) Risk Scoring and various point systems. |
Table of Contents | ||
---|---|---|
|
...
Severity and Risk Scoring Descriptions
Severity
This indicates the seriousness or criticality of a vulnerability. Common severity levels include low, medium, high, and critical. Higher-severity vulnerabilities typically pose a greater risk and require immediate attention and mitigation.
...
The Impact Score evaluates the potential impact of a vulnerability on the affected system or organization. It considers factors such as data loss, system compromise, service disruption, regulatory compliance impact, and financial repercuss
...
How is ‘Severity’ Calculated?
Severity information is imported from the standard vulnerability databases.
...
...
How is EPSS Calculated?
You can find the general calculation on EPSS in the link below:
...
https://epss.cyentia.com/epss_scores-current.csv.gz
...
Asset Risk Scoring Details
Assets are scored individually and assigned a letter grade: A, B, C, D, E, or F, just like in grade school. Tap on the letter grade of any asset to see the Rubrix breakdown of how we score based on vulnerabilities.
...
Security and Compliance Report Card Grading
Info |
---|
The table values below are used for our Security Report Card and Compliance Report Card grades. |
...
Security Report Card
...
Compliance Report Card
...
End of Life
ConnectSecure checks against Assets to categorize end-of-life (EOL) in two ways.
...
This is found in the Problem Group of ‘Informational’ as shown in the example below:
...
Risk Level Descriptions for EOL on Active/Security Support
Level | Description |
---|---|
1 | Both Active and Security Support have ended; no support is available |
3 | If the operating system is within 1 year of its security support end date; limited support |
4 | If the operating system is within its Active support but past its Security support; extended support |
5 | If the operating system is within both Active and Security support timelines; full support |
...
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
...