Vulnerabilities in Kenna scored on a 100 point scale divided into thirds:
Green 0-33
Amber 34-66
Red 67-100
For network vulnerabilities, score is based on CVE and starts with a normalized CVSS score from the National Vulnerability Database. Threat intel is layered onto that base score to compile a Kenna risk score.
Application scores are based on the risk score from the scanner or a base CWE score if scanner score is not available.
Comments
Please sign in to leave a comment.