High-level overview of the early Q2 2021 RiskSense Security Score (RS³) version 2.1 update.
Note: This scoring system went live on Friday, April 24th, 2021. Further details can be found in our RS³ – RiskSense Security Score White Paper.
The early Q2 2021 RiskSense release will feature enhancements to the RiskSense Security Score (RS³) scoring model that will allow RiskSense to provide you with a greater level of accuracy and actionability. As the cornerstone of prioritization in the RiskSense platform, Vulnerability Risk Rating (VRR) considers industry-standard CVSS data from the NVD, threat intelligence, subject matter expertise, trending information, and more. In other words, VRR is a one-stop shop for the foundation of your organization’s key risk indicators. Our scoring system is designed to evolve over time, in order to reflect the current threat focus and expanding utilization of vulnerabilities by malicious actors.
This update to the scoring algorithm ensures that vulnerabilities with any of three extremely high-risk characteristics (ties to Ransomware, Trending status, or inclusion on the RiskSense-curated Attack Surface system filter list) obtain a higher score that reflects their elevated priority. With the release of these modifications, findings that have these characteristics when ingested into the RiskSense platform will automatically see their VRR elevated to the maximum value of 10. These findings will therefore be pushed to the top of your priority list, allowing your organization to quickly address the greatest threats to your security.
Keep in mind that while the number of critical vulnerabilities in your organization may increase with these enhancements, tools such as Groups, Business Criticality, Asset RS³, and more can be used in conjunction with VRR to refine and further prioritize your organization’s top vulnerabilities to focus on what is most important to you.
Over the past few years, the rise in Ransomware has become unprecedented. Some of the largest security breaches in recent history have been attributed to Ransomware. The continued evolution of the growing number of Ransomware variants and their expanding use of vulnerabilities, along with ransomware-as-a-service and the recent use of Ransomware by APT groups, requires an elevation based on the expanding threat context. For this reason, RiskSense now classifies this specialized category of malware as one of the highest-priority threats to your organization. The Ransomware dashboard, combined with increased prioritization via VRR, will allow you to target these weaknesses and protect against malicious actors in a timely manner.
To identify Ransomware in your networks, use the Active Ransomware - RS system filter in your Findings views.
Although Trending Vulnerabilities with Threats are often near the top of the heap when it comes to potential negative impact to an organization, RiskSense is now taking a further step and maximizing the risk score of these weaknesses to reflect the activity of these threats currently seen in the wild. The list of the most popular methods of attack is constantly evolving, and we wish to make sure your organization is the first to know about such changes. Identifying and remediating these Trending Threats will become easier with an increased VRR, allowing your organization to stay ahead of the game and maximize your security posture.
To identify Trending Threats in your networks, use the Has Trending Threats filter in your Findings views.
RiskSense Attack Surface
Several US-based protection and security organizations, including the DHS, FBI, NSA, and others, regularly maintain a publicized list of particularly high-risk weaknesses. RiskSense has consolidated these and other sources to compile a unified Attack Surface list, collecting all CVEs from these sources in a single place. This list is then cross-referenced and validated by our industry-leading penetration testing team to ensure the highest reliability of data. In addition to letting you easily navigate through your findings with our system filter list, we will now assign the maximum VRR score to these vulnerabilities. This pushes to the top of your organization’s priority list the vulnerabilities that the US government and security agencies deem critical exposure points and the ways adversaries are threatening businesses, consumers, and government entities.
To identify vulnerabilities from the RS Attack Surface list, use the Attack Surface - RS system filter in your Findings views.
We understand that changes like this are significant for our customers. We want to ensure you are empowered with as much knowledge as possible to make this a smooth transition and understand the benefits of our scoring methodology improvements, such as:
Accuracy: Prioritizing remediation by VRR will provide the greatest measure of accuracy with respect to your organization’s RS³.
Safety: Your organization needs to know what kinds of unique attacks you are susceptible to, as well as the likelihood and impact involved in such attacks.
Actionability: Intelligent scoring allows RiskSense to help you prioritize across multiple indicators to drive your remediation efforts most effectively.
Scalability: Full spectrum risk-based vulnerability management is powered by scalable metrics that adapt over time to keep pace with the latest threats to your organization.