View risk metrics
Current Risk score
Arctic Wolf calculates your current risk score based on the Common Vulnerability Scoring System (CVSS), using CVSS version 2 (CVSSv2) and CVSS version 3 (CVSSv3). The score is the weighted average of all vulnerabilities found on your network. The CVSS provides an open framework for communicating the severity of information security vulnerabilities. Specifically, the CVSS score provides an objective metric that Arctic Wolf uses to prioritize vulnerabilities so that the highest-risk vulnerabilities are remediated first.
NIST provides a National Vulnerability Database (NVD) that the United States Department of Homeland Security (DHS) sponsors. The NVD contains Common Vulnerabilities and Exposures (CVEs) updated in real time. Each CVE provides details about a known information security vulnerability, including a CVSS score.
See NIST CVSSv2 calculator and NIST CVSSv3 calculator for more information.
Your risk score automatically updates when a change occurs, for example, when a new risk is found in your network or when you change the Status of an existing risk.
When an internal network scan no longer detects a vulnerability, the scan promptly clears the device of that vulnerability when one of these actions occurs:
- The risk state is Fixed, Waiting Validation.
- No manual changes are made to the state within 45 days.
Target score
The Risk Dashboard Overview page displays trends of your risk score over time in comparison to others in the industry.
Risk can never be completely eliminated, only reduced. To make sure that resources are used effectively, you should manage vulnerabilities in this order:
- Highest risk
- Medium risk
- Highest internal risk
- Lower risk
Industry studies show a high correlation between the time to exploit and incidents of exploitation for high-severity CVEs. An effective mitigation and prioritization strategy therefore addresses all high-severity CVEs with the highest possible urgency.
Network health
Your network health is based on your risk score and the number of vulnerabilities. A low-risk network is a healthier network.
Vulnerabilities
A vulnerability is an issue within the software, operating system, or service that is exploitable. Managed Risk scanners can identify, quantify, and prioritize or rank the vulnerabilities in a system. Vulnerabilities are classified as issues.
A zero-day vulnerability is a vulnerability that bad actors or third parties exploit before the vendor determines a solution to the problem.