Vulnerability Scoring in Kenna

Vulnerabilities in Kenna scored on a 100 point scale divided into thirds:

 

Green 0-33

Amber 34-66

Red 67-100

 

For network vulnerabilities, score is based on CVE and starts with a normalized CVSS score from the National Vulnerability Database. Threat intel is layered onto that base score to compile a Kenna risk score. 

 

Application scores are based on the risk score from the scanner or a base CWE score if scanner score is not available. 

 

image.webp

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.