Out-of-the-Box Risk Score

In some use cases, it is hard to build complex Risk Score models from scratch without guidance. To help you get started, Axonius offers a predefined, out-of-the-box (OOTB) Risk Score that provides distinct, best-practice starting points through OOTB values.

Managing OOTB Risk Scores

OOTB Risk Scores are displayed on the left navigation menu of the Risk Score page under their associated asset types. They are pinned to the top of the asset type's Risk Score list and are marked with a "By Axonius" tag.

Note: OOTB Risk Scores are currently supported only for Devices.

There are two types of OOTB Risk Score for each asset type:

  • The Security Finding Risk Score combines vulnerability-level context with asset-level context, which helps prioritize not only severe CVEs, but severe CVEs on important or exposed assets. The following parameters are considered:
    • Axonius Vulnerability Score (AVS): Integration of vulnerability severity.
    • Asset Criticality: Linkage to the dedicated Asset Criticality value.
    • Internet Exposure: Determined by the Query Wizard field Is Exposed to the Internet = Yes. This parameter is calculated by evaluating data from multiple sources, including Axonius fields and adapter-specific exposure indicators.
  • The Asset Risk Score uses the highest open Security Finding Risk Score on the asset as the primary signal, while also accounting for the broader volume of open Security Findings on that asset. In other words, the Asset Risk Score reflects both the most severe current risk and the additional risk created when multiple findings exist on the same device.
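The relationship between the two score types, sketched as an added example. This is not Axonius code and the page does not publish the formula: the weights, the 0-10 AVS scale, the 0-100 output range and every name below are assumptions chosen only to show the shape of the calculation.

```python
from dataclasses import dataclass, field

# All constants are assumptions for illustration; the page gives no formula.
CRITICALITY_WEIGHT = {"low": 0.6, "medium": 0.8, "high": 1.0}
EXPOSURE_MULTIPLIER = 1.25  # uplift when Is Exposed to the Internet = Yes
VOLUME_STEP = 2.0           # points per additional open finding
VOLUME_CAP = 10.0           # ceiling on the volume contribution
MAX_SCORE = 100.0

@dataclass
class Finding:
    finding_id: str         # constructed identifier
    avs: float              # assumed 0-10 scale
    is_open: bool = True

@dataclass
class Device:
    name: str
    criticality: str        # key of CRITICALITY_WEIGHT
    exposed: bool
    findings: list = field(default_factory=list)

def finding_score(finding, device):
    """Vulnerability-level context (AVS) scaled by asset-level context."""
    score = finding.avs * 10 * CRITICALITY_WEIGHT[device.criticality]
    if device.exposed:
        score *= EXPOSURE_MULTIPLIER
    return min(MAX_SCORE, round(score, 1))

def asset_score(device):
    """Highest open finding score, plus a capped term for finding volume."""
    scores = [finding_score(f, device) for f in device.findings if f.is_open]
    if not scores:
        return 0.0
    volume = min(VOLUME_CAP, VOLUME_STEP * (len(scores) - 1))
    return min(MAX_SCORE, round(max(scores) + volume, 1))

def rank(devices):
    """Device names ordered from highest to lowest asset score."""
    return [d.name for d in sorted(devices, key=asset_score, reverse=True)]

# Constructed sample inventory.
LAB = Device("lab-vm", "low", False, [Finding("f-1", 9.8)])
WEB = Device("web-gw", "high", True,
             [Finding("f-2", 7.0), Finding("f-3", 5.0), Finding("f-4", 4.0, False)])

if __name__ == "__main__":
    for d in (LAB, WEB):
        print(d.name, asset_score(d))
```

Under these assumed weights, web-gw outranks lab-vm even though lab-vm carries the finding with the higher AVS, and the closed finding on web-gw contributes nothing to its score.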

General guidelines:

  • OOTB Risk Scores cannot be renamed or deleted.

  • The score type and calculation parameters of an OOTB Risk Score can be viewed but not edited.

  • You can activate or deactivate OOTB Risk Scores according to your needs, just like custom Risk Scores.

  • The following components can be edited in OOTB Risk Scores (marked in green in the image below):

    • The query selected for applying the Risk Score
    • Risk Levels