Vulnerability Scoring in Kenna

Vulnerabilities in Kenna scored on a 100 point scale divided into thirds:


Green 0-33

Amber 34-66

Red 67-100


For network vulnerabilities, score is based on CVE and starts with a normalized CVSS score from the National Vulnerability Database. Threat intel is layered onto that base score to compile a Kenna risk score. 


Application scores are based on the risk score from the scanner or a base CWE score if scanner score is not available. 





Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.