How are the scores calculated for the Remediation Report?

The score in the remediation report is a bit different from the Score we give for Hosts or Individual vulnerabilities

For Each Vulnerability:

  • High gets 8 points
  • Medium gets 4 points
  • Low gets 1 point

This is multiplied by how many assets have the same issue. This leads you to the score value you see in the remediation report.

The aim of the score here is to highlight, bring forward, which vulnerability fixing would give you the most benefit.

The formula inside the report is:
Affects * Popularity * Risk

Affects = amount of hosts affected
Popularity = how many times this vulnerability happens in the hosts in this report - 1 is one time, 1000, means 1000 times in this report
Risk = a value of either 1, 4, or 8

Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk