Risk Meter scoring starts with the assets included in that meter and each individual asset in the Asset Group will have any number of vulnerabilities associated with it.
The Asset Risk Score in Kenna is based on the single greatest vulnerability found on each asset.
Vulnerability scores in Kenna range from 0-100 and are determined based on a complex algorithm which takes into account the following information:
- Our external partners’ SIEM systems near-real-time feed of exploitation attempts correlated to vulnerability scans, and the volume and velocity of these attempts and successes.
- The existence of an exploit in ExploitDB, and to an even greater degree, the availability of a module in Metasploit.
- The pervasiveness of a vulnerability as seen across Kenna anonymized data.
- The type of vulnerability - remote code execution vulnerabilities are more likely to be exploited.
- The position of an asset (internal vs external).
Assets Score is based on Asset Priority (default 10 for all inbound assets) and the highest rated vulnerability on that asset. The score is generally the Asset Priority multiplied by the highest vulnerability. Therefore a priority 10 asset with at least one 100 score vulnerability, will have an Asset Score of 1000 (10*100=1000). For additional details see the page on Asset Scoring.
The overall risk meter score is an average of all the assets included in that group. The average does not include any assets with a risk score of zero and is rounded to the nearest ten using standard rounding rules. Risk Meter coloring is fixed based on the score values shown here:
- Green = Score between 0 - 330
- Yellow = Score between 331 - 660
- Red = Score between 661 - 1000
From the Dashboard, it is easy to a quick snapshot of risk posture across the organization based on the Risk Meters displayed there.