Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

This document covers the various scoring calculations and methods used for the Asset(s) Risk Scoring and various point systems for assets.

Table of Contents
stylenone

...

Severity and Risk Scoring Descriptions

Severity

This indicates the seriousness or criticality of a vulnerability. Common severity levels include low, medium, high, and critical. Higher - severity vulnerabilities typically pose a greater risk and require immediate attention and mitigation.

...

A numerical value is assigned to a vulnerability based on its characteristics and potential impact. It is often calculated using a standardized formula, such as the Common Vulnerability Scoring System (CVSS), which considers factors like exploitability, impact, and other metrics.

EPSS Impact ScoreEnvironmental Score is a component of the CVSS (Common Vulnerability Scoring System) that considers environmental factors specific to the organization's environment. This score reflects how the vulnerability affects the specific deployment environment and helps assess the risk in real life.

The Impact Score evaluates the potential impact of a vulnerability on the affected system or organization. It considers factors such as data loss, system compromise, service disruption, regulatory compliance impact, and financial repercuss

Exploitability Score

Indicates the ease with which an attacker could exploit the vulnerability to launch an attack. Factors such as the availability of exploits, complexity of exploitation, and required privileges may contribute to this score.

Impact Score

The Impact Score evaluates the potential impact of a vulnerability on the affected system or organization. It considers factors such as data loss, system compromise, service disruption, regulatory compliance impact, and financial repercussTo see these scores you can tap on the CVE-ID and then tap on the Base Score link (be sure you are on the correct CVSS Version).

Panel
bgColor#DEEBFF
image-20240617-183654.pngImage Addedimage-20240617-183721.pngImage Added

EPSS Score

Environmental Score is a component of the CVSS (Common Vulnerability Scoring System) that considers environmental factors specific to the organization's environment. This score reflects how the vulnerability affects the specific deployment environment and helps assess the risk in real life.

...

How is Severity Calculated?

Severity information is imported from the standard vulnerability databases.  

So, the standard calculation below is followed by these vulnerability databases.

...

https://www.first.org/epss/

...

How is EPSS Calculated?

You can find the general calculation on EPSS in the link below:

...

https://epss.cyentia.com/epss_scores-current.csv.gz

...

Asset Risk Scoring Details

Assets are scored individually and assigned a letter grade: A, B, C, D, E, or F, just like in grade school. Tap on the letter grade of any asset to see the Rubrix breakdown of how we score based on vulnerabilities.

...

Asset Average Risk Score Calculation

The sum of present Problem Category scores divided by the sum of all Severity Problem Category scores + other Problem Category Scores that are present.

...

20 = 250 (Sum of Severity Categories) / 50 (Total Weightage of Problem Categories that Exist)

...

Security and Compliance Report Card Grading

Info

The table values below are used for our Security Report Card and Compliance Report Card grades.

 Category

Grades

Description

Antivirus

5

Anti-virus is installed and up to date

4

Anti-virus is installed but not up to date

1

Anti-virus is not installed

Local Firewall

5

Local firewall is enabled for both public and private networks

4

Local firewall is not enabled for private networks

3

Local firewall is not enabled

1

Local firewall is not enabled

Insecure Listening Ports

 5

There are no insecure listening ports

3

One insecure listening port detected

1

More than one insecure listening port detected

 Failed Login

5

No failed interactive logins in the past 7 days

4

7 or fewer failed interactive logins in the past 7 days

3

14 or fewer failed interactive logins in the past 7 days

1

15 or more failed interactive logins in the past 7 days

Network Vulnerabilities

5

No network vulnerabilities

4

Low network vulnerabilities found (CVSS < 4.0)

3

Medium network vulnerability found (CVSS >= 4.0)

1

Critical network vulnerability found (CVSS >= 9.0)

System Aging

5

All computers are less than 2 years old

4

Some computers between 3 and 4 years old

3

Some computers between 4 and 7 years old

1

Some computers over 8 years old

 Supported OS

5

All computers have supported Operating Systems

4

Some Operating Systems are in extended support

3

Some Operating Systems are within 1 year of end of life

1

Some unsupported Operating System

 LLMNR

2

LLMNR not Allowed

5

LLMNR Disabled

1

LLMNR Enabled

NBTNS

2

NBTNS not Allowed

5

NBTNS Disabled

1

NBTNS Enabled

 NTLMV1

2

NTLMV1 not Allowed

5

NTLMV1 Disabled

1

NTLMV1 Enabled

 SMBV1Server

2

SMBV1 Server not Allowed

5

SMBV1 Server Disabled

1

SMBV1 Server Enabled

SMBV1Client

 

 

2

SMBV1 Client not Allowed

5

SMBV1 Client Disabled

1

SMBV1 Client Enabled

 SMB Signing

2

SMB Signing Disabled

5

SMB Signing Enabled

1

SMB Signing Disabled

Security Report Card

...

Compliance Report Card

...

End of Life

ConnectSecure checks against Assets to categorize end-of-life (EOL) in two ways.

...

This is found in the Problem Group of ‘Informational’ as shown in the example below:

...

Risk Level Descriptions for EOL on Active/Security Support

Level

Description

1

Both Active and Security Support have ended; no support is available

3

If the operating system is within 1 year of its security support end date; limited support

4

If the operating system is within its Active support but past its Security support; extended support

5

If the operating system is within both Active and Security support timelines; full support

...

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

...