Kenna has adopted the CVSS standard to normalize the scoring of all vulnerability data that's imported. In addition to the two CVSS categories of Base (1-10) and Temporal (1-10), Kenna also includes a third scoring criteria called “Priority”—analogous to the CVSS "Environmental" category—that’s used to rank the value of an organization's internal assets and is also a component of the overall score. The Kenna priority score also uses a scale of 1-10 to be consistent with the CVSS ranking system. By combining all three of the Kenna scoring categories—Severity (Base), Threat (Temporal), and Priority (Environmental)—users are presented with a granular and precise scoring system based upon industry standards under which you can more effectively prioritize remediation.
Please sign in to leave a comment.