Vulnerability Scoring in Kenna

Vulnerabilities in Kenna scored on a 100 point scale divided into thirds:

 

Green 0-33

Amber 34-66

Red 67-100

 

For network vulnerabilities, score is based on CVE and starts with a normalized CVSS score from the National Vulnerability Database. Threat intel is layered onto that base score to compile a Kenna risk score. 

 

Application scores are based on the risk score from the scanner or a base CWE score if scanner score is not available. 

 

image.webp

 

 

Powered by Zendesk