- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-17-2022 08:48 AM - edited 10-17-2022 08:59 AM
Hi,
Do Vulnerable Items get created and assigned a risk score based off of the risk score in the third party entries?
Thanks,
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2022 05:29 AM - edited 10-18-2022 05:43 AM
Hi @Dommer,
Risk score is assigned based on Vulnerability Calculators. Please find the link to the documentation below, but also screenshots how to get to Vulnerability Calculators and explanation how Risk Score and Risk Rating are created.
Vulnerability Response calculators and vulnerability calculator rules (servicenow.com)
Please make sure You are going to the location through:
Vulnerability Response>Administration>Vulnerability Calculators
and not through:
Application Vulnerability Response> Vulnerability Calculators
And finally in picture beneath you can see the Risk/Vulnerability Calculator which is provided by Snow Vulnerability Response by default and you have possibility to modify what factors should be taken into consideration to caclulate the risk score and their weights.
By Default you have also Vulnerability Severity calculator, which calculates Risk Rating based on Risk Score.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2022 05:18 AM
Hey Dommer,
Vulnerable Items receive a risk score based on the Vulnerability Calculators that are in use.
This can differ from instance to instance, since the Vulnerability calculators can be configured.
If you have access I would recommend you to review under: Vulnerability Response>Administration>Vulnerability Calculators.
From there you will be able to review all the calculators in use, and on top of that you can check the exact matrix, used for the risk score calculation, with respective examples.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2022 05:29 AM - edited 10-18-2022 05:43 AM
Hi @Dommer,
Risk score is assigned based on Vulnerability Calculators. Please find the link to the documentation below, but also screenshots how to get to Vulnerability Calculators and explanation how Risk Score and Risk Rating are created.
Vulnerability Response calculators and vulnerability calculator rules (servicenow.com)
Please make sure You are going to the location through:
Vulnerability Response>Administration>Vulnerability Calculators
and not through:
Application Vulnerability Response> Vulnerability Calculators
And finally in picture beneath you can see the Risk/Vulnerability Calculator which is provided by Snow Vulnerability Response by default and you have possibility to modify what factors should be taken into consideration to caclulate the risk score and their weights.
By Default you have also Vulnerability Severity calculator, which calculates Risk Rating based on Risk Score.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2022 11:48 AM
Thanks all!