Criteria for the Threat Score Calculation

Triggered rules increase the score by the values identified in the chart below based on the highest severity level triggered.

Rules, Severity and Value

Rule

Severity

Value

Recently Linked to Remote Access Trojan

Very Critical

+5

Historically Linked to Remote Access Trojan

Critical

+4

Recently Linked to Ransomware

Very Critical

+5

Historically Linked to Ransomware

Critical

+4

Recently Linked to Penetration Testing Tools

Medium

+2

Historically Linked to Penetration Testing Tools

Low

+1

Recently Linked to Malware

High

+3

Historically Linked to Malware

Medium

+2

Recently Linked to Exploit Kit

Very Critical

+5

Historically Linked to Exploit Kit

Critical

+4

Linked to Recent Cyber Exploit

Low

+1

Linked to Historical Cyber Exploit

Low

+1

The rule with the highest criticality determines the point range and the starting value for the Threat Score. The ranges for each are as follows:

Criticality - Ranges

Criticality

From

To

Very Critical

71

99

Critical

45

70

High

24

44

Medium

13

23

Low

1

12

None

0

0

Note:when assigning a Threat Score to the SAID, we do not simply add up the scores for each associated vulnerability, but rather follow the same rules outlined here to calculate the Security Advisory threat score.