Use the Risk Assessment settings to customize risk calculations and display risks in other dashboards. The weight and formula information listed below is also available from the Risk Assessment Settings dialog under Risk Assessment Info.
-
Exposure Level Weight:
-
Low = 0
-
Medium = 33
-
High = 66
-
Critical = 100
-
-
Exploit Exists Weight
-
False = 0 (exploit does not exist)
-
True = 100 (exploit exists)
-
-
Product Criticality Rating Weight
Use the default setting or set custom criticality by product. See Custom Risk Settings.
The Risk Assessment Score calculation uses the following formula:
((ExposureLevelValue * ExposureLevelWeight) + (ExploitExistsValue * ExploitExistsWeight) + (CriticalityValue * CriticalityWeight)) / (ExposureLevelWeight + ExploitExistsWeight + CriticalityWeight)
Use these settings to create settings that override the default settings defined in the metadata for Product Criticality settings or to create Custom Risk Scores.
 |
-
Select +Create Custom Product Criticality in the Custom Risk Settings workspace. This opens the Create Custom Product Criticality dialog.
-
Select Browse to search for the product you want to customize.
-
Select the product to modify, and then select Add Software Product.
-
This adds a table to Custom Product Criticalities.
-
Each time you add another product, the added information appears in this table.
-
-
Enter the number that corresponds to the criticality weight you want to set for this product, and then select Create Custom Product Criticality.
-
Select +Create Custom Risk Score in the Custom Risk Settings dialog. This opens the Create Custom Risk Score dialog.
-
Select Browse to open the Add Installable Software dialog.
-
Enter the number that corresponds to the risk score you want to set for this product, and then select Create Custom Risk Score.
-
This adds a table to Custom Risk Scores.
-
Each time you add another product, the added information appears in this table.
-
-
Select Save Settings.
Comments
0 comments
Article is closed for comments.