The tables below summarize the logic behind each risk vector and its findings, including:
- Risk vector weight
- Finding behavior
- Finding lifetime
- Default grade if there’s insufficient data
- Automated refresh length, or the amount of time it takes a refresh to run on its own
- User-requested refresh length, or the amount of time it takes to complete a refresh upon request
Links in the Risk Vector column navigate to a detailed description of how each risk vector is assessed.
Diligence Risk Vectors - 70.5%

Risk Vector | Weight | Finding Behavior | Lifetime | Insufficient Data Grade | Automated Refresh | User-Requested Refresh |
---|---|---|---|---|---|---|
SPF Domains | 1% | New finding replaces the previous one. | 60 Days | | 2 Weeks | 1 Day |
DKIM Records | 1% | If the selector is the same and the record is changed, a new finding replaces the previous one. If the record is removed, the finding remains until the end of its lifetime. New selectors result in separate findings. | 60 Days | | 30-50 Days | 2 Days |
TLS/SSL Certificates | 10% | Revoked certificates remain listed until the end of the lifetime. A newly generated certificate results in a new finding. | 60 Days | | 60 Days | 3 Days |
TLS/SSL Configurations | 15% | New finding replaces the previous one. | 60 Days | | | |
Web Application Headers | 5% | New finding replaces the previous one. | 60 Days | | 60 Days | 4 Days |
Open Ports | 10% | TCP ports are immediately marked as closed and stop impacting within 10 days. UDP ports are marked as closed 60 days after the Last Seen date. | 60 Days | | 30-60 Days | 3 Days |
Server Software | 2% | If the software is updated, a new finding is created for the new release. The previous version continues impacting until the end of its lifetime. | 60 Days | | 8 Days | 2-3 Days |
Insecure Systems | 2.5% | Without further activity, the finding stops updating. Its impact is removed after the lifetime. | 60 Days | | Daily | Not Available |
Patching Cadence | 20% | If the vulnerability is fixed, the finding is marked as remediated. Its impact on the risk vector grade and overall rating decreases starting 60 days after the Last Seen date of the last vulnerable finding and continues until the end of its lifetime (90 days). Patching Cadence findings have a positive impact if they are remediated faster than the company's mean time to remediate, and a negative impact if they are remediated slower. The impact also depends on the vulnerability's severity. | 90 Days | | 7-30 Days | |
Desktop Software | 3% | If a new Browser/OS version is seen, a new finding is created. The previous version stops impacting at the end of its lifetime if it is not seen again. | 65 Days | | 1 Week | Not Available |
Mobile Software | 1% | | 65 Days | | | |
DNSSEC | N/A | New finding replaces the previous one. | 60 Days | (No Impact) | 2 Weeks | 1 Day |
Mobile Application Security | N/A | New app version replaces the previous one. | 365 Days | | 60 Days | 10 Days |
Web Application Security | N/A | New findings immediately impact the grade. Remediated findings: | 60 Days | | 60 Days | 2 Days |
DMARC | N/A | New finding replaces the previous one. | N/A | | 30 Days | 3 Days |
Domain Squatting | N/A | Existing domains are impacted weekly. | N/A | | 8 Days | Not Available |
Compromised Systems Risk Vectors - 27%

Risk Vector | Weight | Finding Behavior | Lifetime | Insufficient Data Grade | Automated Refresh | User-Requested Refresh |
---|---|---|---|---|---|---|
Botnet Infections | 27% | If the activity is not seen for 3 days, the finding stops updating. Its impact linearly declines until the end of the lifetime. | 180 Days | | Daily | Not Available |
Spam Propagation | | | | | | |
Malware Servers | | | | | | |
Unsolicited Communications | | | | | | |
Potentially Exploited | | | | | | |
User Behavior Risk Vectors - 2.5%

Risk Vector | Weight | Finding Behavior | Lifetime | Insufficient Data Grade | Automated Refresh | User-Requested Refresh |
---|---|---|---|---|---|---|
File Sharing | 2.5% | Each file represents a torrent shared through a unique IP. If the same IP downloads the same file on any later day, the Last Seen date updates. Different files and IPs result in separate findings. | 60 Days | | Daily | Not Available |
Exposed Credentials | N/A | N/A | N/A | | | |
- September 5, 2024: The remediated finding behavior references the mean time to remediate.
- July 16, 2024: The Patching Cadence lifetime is 90 days.
- June 11, 2024: Added DMARC and renamed from "Findings Overview Comparison Tables" to "Finding Behavior".