Date published: 2023-06-09

Security exposure index

Navigate to Dashboard -> Auditor and scroll down to Auditor Ruleset and Integrity check graphs. The graphs shows the timeline of the overall security score, separately for Ruleset and Integrity Check.

Security exposure index graphs

Each and every generated event has a severity, which is user defined based on own preference.

Alert severityDefault multiplicator
Low1
Medium2
High3
Critical4

The overall score is a number showing the aggregated score of all the generated alerts. Ideally the number should be 0 (zero) or as low as possible.

How is the overall score calculated

The result is calculated by multiplying the number of alerts of each severity level by their respective default multiplicators and summing them together.

  • Example: There is 10 low, 5 medium, 3 high and 2 critical alerts.
  • Result: (10 x 1) + (5 x 2) + (3 x 3) + (2 x 4) = 37

Override score

There is a possibility to override the default multiplicator for a specific auditor rule which has the critical severity. For example there is a rule making sure there is no any/any security policy which allows all the traffic this specific rule has a user overriden priority to 10.

  • Example: Let’s assume the same example as above, but there is one event generated by the override rule which has a severity high but with score 10.
  • Result: 10 + (5 x 2) + (3 x 3) + (1 x 4) + (1 * 10) = 44

How to override the default score

You can change the default score (4) for every auditor rule, which has severity critical. Note, you can only override the score for critical severity, not for any lower.

Auditor override the default score