Configuring roll-up calculator rules

Release version: Zurich

Updated July 31, 2025

1 minute to read

Configure roll-up calculator rules to compute the cumulative risk score for remediation tasks and imported vulnerabilities.

Create or edit roll-up calculator rules

Create rules to roll-up risk scores on imported findings and remediation tasks.

Select New and fill in the fields on the form:

Table 1. Roll-up calculator rule form
Field	Description
Details
Name	Name of the rule.
Target table	Name of the table from which the risk score must be rolled-up.
Target field	Name of the field from the table that must be considered for risk roll-up.
Active	Indicates whether the rule is active.
Description	Description of the rule.
Source selection
Applies to	The finding table to which the risk score roll-up applies to. The Applies to field is dependent on the selected target table, and its options are updated accordingly. For instance, choosing the Container remediation task [sn_vul_container_vulnerability] limits the Applies to field options to Container vulnerable item. This dynamic update ensures that only relevant options are available based on the target table selected.
Include	Defines the conditions for roll-up on the finding table.
Roll-up calculations
Basic	Assign weightage to specify the relative impact of each of the following factors on the rolled-up risk score: Maximum risk score: Maximum risk score of the findings considered. Average score: Aggregate of the risk scores of all the findings. Count of records: Number of findings. A larger number of findings increases the overall score, while a smaller number lowers it.
Script (Advanced option)	The scripting feature is an advanced feature to build a custom script that should return the risk score, which is an integer value ranging from 0 to 100.