Prioritization Rules

Prioritization Rules are used by Strobes to generate a priority score for a vulnerability which can be used by the IT, Patch management and Development teams to better understand the risk that a vulnerability poses to the organisation and prioritise which vulnerabilities to fix. There are four metrics based on which Strobes calculates the priority score. The metrics are:

  • Exploit availability
  • SLA
  • Asset Exposure
  • Asset Sensitivity

By default the weightage among the four metrics is distributed as follows:

Exploit availability - 50%
SLA - 10%
Asset Exposure - 20%
Asset Sensitivity - 20%

In the Prioritization Rules page you will find the following three options:

  1. Edit Ruleset
  2. Restore Default
  3. Simulate Prioritization Score

Edit Ruleset : Using Edit Ruleset, you can edit the weightage given to the SLA, Asset Exposure and Asset Sensitivity metrics . The weightage for Exploit availability cannot be changed. The following are the usage flow instructions:

  • Click on 'Edit Ruleset'.



  • Enter the weightage which you need to assign in the ‘Weightage in %’ fields for the metrics which you need to edit. For the sake of demonstration we are editing the default weightage and changing the value of SLA to 0% and the remaining metrics to 25% each.



  • Click on ’Save’. Your rules will be applied and will now be used to calculate the priority score across all the vulnerabilities in your organization.

Restore Default : This option simply restores the default Strobes weightage for all the metrics.

Simulate Prioritization Score : Using this option you can test your prioritization weightage. The following are the usage flow instructions:

  • Click on ‘Simulate prioritization score’.



  • Choose a vulnerability from the dropdown.





  • Now click on ‘Simulate prioritization score’.
  • A Prioritization Score will now be displayed.

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more