Axonius Documentation
Start typing to search…

Previewing the Risk Score

Before saving the Risk Score you created, the system generates a Results Preview on a randomly selected instance and displays a breakdown of the factors contributing to the calculation, including original and normalized data. This capability ensures extra transparency and accuracy, as it allows you to go back and make changes to the calculation parameters before applying them in your environment.

Note that you can generate a preview only after you've completed all steps required for configuring a Risk Score:

  1. Selecting assets and fields
  2. Assigning fields alternative values and fallback values
  3. Ensuring that the total weight of fields is 100%
  4. Defining Risk Levels (if you don't make any changes to this section, the system will use the Axonius default settings)

Generating a Preview

From the Results Preview section, click Generate Preview. The fields contributing to the calculation are displayed with the following breakdown:

  • Name - The field name.
  • Raw Data - The original field value.
  • Value - The actual field value, after a normalization process.
  • Percentage - The weight of the field in the calculation.

The calculated Axonius Risk Score and Axonius Risk Level are displayed under the list of fields.

risk level6

The Host ID is displayed on the top left of the Preview table. However, if the Risk Score is calculated for Vulnerability Instances or per Vulnerability per Device - the CVE ID is displayed as well.

Preview2

If the Risk Score is calculated for Vulnerabilities, only the CVE ID is displayed.

Clicking Generate Preview again generates a preview for the same instance. This is useful if you want to make changes to the Risk Score settings after the first preview, and then generate another preview to see the effect of the changes.

To generate a preview for a different random instance, click the refresh icon. To preview results for the new instance, click Generate Preview again.

📘

Note

If you configure fallback fields for the Risk Score, the preview shows the fields actually used in the calculation. For example, if the primary field to be used in the calculation is the CVSS V4 Score field, but the system ends up using the CVSS V3 Score field - the latter will be displayed in the preview.

Saving a Risk Score

Click Save and Run to save the Risk Score. This creates a new Enforcement Set task and you can access the Risk Score from the Enforcement Center as well.

Renaming a Risk Score

To rename a Risk Score, hover over it in the left navigation panel and select Rename from the Actions menu.

Deleting a Risk Score

To delete a Risk Score, hover over it in the left navigation panel and select Delete from the Actions menu.

Updated 1 day ago