Risk Charts

The risk charts in the Dashboard let you quickly understand the network security risks in your environment. Risk is summarized in two ways: Security Score, and Risks by Severity or Type.

When you click on a section of a chart, SecureTrack opens the risk browser with the relevant data shown.

Security Score

SecureTrack calculates the security score based on the number and severity of the risks found in the specified device. The security score is on a scale of 0-100, where 100 represents that no risks are found. Each risk in a device lowers the score, but the number of times a risk is found in a policy does not impact the score.

More specifically, SecureTrack adds up the severity values (for example, Low=1 and Critical=4) of the risks found in the specified device and divides that sum by the sum of the severity values of all of the risks that were checked. The result is subtracted from 100 to produce a score on a scale of 0-100, where 100 represents that no risks are found. For example, if SecureTrack checks a policy for 10 risks in each severity level (10*1+10*2+10*3+10*4 = 100) and finds two high (2*3) and one critical (1*4) risks, the calculation is [100-(2*3+1*4)] = 90%, or a security score of 90.

SecureTrack calculates the security score for every new revision that it receives. When you select a device from the device tree, you see the security score for the current policy on the device and an arrow that indicates whether the security score improved, decreased, or did not change since the previous score calculation. The security score for a group is the average of the scores of all of the devices in that group, including devices that are in subgroups.
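The calculation described above, worked through as an added example (this is not SecureTrack code or its API). The function names, risk identifiers, device names and sample data are constructed for illustration; the severity weights 1 to 4 and the scaling to a percentage follow the worked example on this page.

```python
# Added illustration of the scoring rules described on this page.
# All names and data below are constructed; none come from SecureTrack.
SEVERITY_WEIGHT = {"Low": 1, "Medium": 2, "High": 3, "Critical": 4}

def security_score(checked, findings):
    """checked:  {risk_id: severity} for every risk the policy is tested against.
    findings: risk_ids reported for the device, one entry per occurrence."""
    total = sum(SEVERITY_WEIGHT[sev] for sev in checked.values())
    if total == 0:
        return 100.0  # nothing checked, so nothing can lower the score
    # A risk lowers the score once, however many times it appears in the policy.
    found = {risk for risk in findings if risk in checked}
    penalty = sum(SEVERITY_WEIGHT[checked[risk]] for risk in found)
    return 100.0 - 100.0 * penalty / total

def device_scores(group):
    """Yield the score of every device in a group, descending into subgroups."""
    yield from group.get("devices", {}).values()
    for subgroup in group.get("subgroups", []):
        yield from device_scores(subgroup)

def group_score(group):
    """Flat average over all devices, not an average of subgroup averages."""
    scores = list(device_scores(group))
    return sum(scores) / len(scores) if scores else None

# Constructed input: 10 risks checked at each severity level (weights sum to 100).
CHECKED = {f"{sev}-{i}": sev for sev in SEVERITY_WEIGHT for i in range(10)}
# Two High risks and one Critical risk; "High-0" matches three rules.
FINDINGS = ["High-0", "High-1", "Critical-0", "High-0", "High-0"]

# Constructed group: one direct member plus a subgroup of three devices.
GROUP = {
    "devices": {"fw-edge": security_score(CHECKED, FINDINGS)},
    "subgroups": [{"devices": {"fw-dc1": 100.0, "fw-dc2": 80.0, "fw-dc3": 70.0}}],
}

if __name__ == "__main__":
    print("device score:", security_score(CHECKED, FINDINGS))
    print("group score: ", group_score(GROUP))
```

Averaging the subgroup first and then averaging that with `fw-edge` would weight the direct member more heavily and give a different number than the flat average over all four devices.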

The charts for security score are:

  • Security score - the security score for the selected device or group
  • Security score by member - the security scores for each of the direct members of the selected group
  • Security score trend - the security score of the device or group at the end of each of the previous days, weeks, or months; the last point in the trend is the current security score

Risks by Severity or Type

You can see the number of risks in the latest revision on a device or group of devices shown according to the risk severity levels or risk types.

Each risk is part of a category of risks, or risk types. The risk types are:

  • Risky rules - Rules that include services with source and destination that are likely to not be secure
  • Weak rules - Rules that are not configured according to basic networking principles or industry best practices
  • Weak policies - Policies that are not configured according to basic networking principles or industry best practices

Each risk is also assigned a severity level to help you identify the priority for risk remediation. The severity levels are: Critical, High, Medium, and Low. You can change the severity of a risk in risk configuration.

The charts for risks are:

  • Risks by type - For the selected device or group, the number of risks in each risk type
  • Risks by severity - For the selected device or group, the number of risks in each severity level
  • Risks of members by severity - For each device or group that is a direct member of the selected group, the number of risks in each severity level
  • Risks of devices by severity - For each device that is a member of the selected group or its subgroups, the number of risks in each severity level