The risk level score shows the estimated risk of a detection in the customer environment.
The risk level score is based on criticality and confidence of the detection.
- Criticality means the possible impact that the detection would have in the customer environment. It is based on the severity of the detection – how much damage the detection could do – and the importance of the affected hosts.
- Confidence means how likely it is that the detection is valid and not a false positive.
The risk level score is calculated from criticality and confidence values.
| Risk level score | Color code | Severity | Description |
|---|---|---|---|
| 36-65 | Grey | Low risk level | No notable unusual activity. |
| 66-75 | Yellow | Medium risk level | Increased risk of malicious cyber activities, but nothing significant has occurred. |
| 76-90 | Orange | High risk level | Significant risk of malicious cyber activities or the potential incident can cause severe damage in the customer environment. |
| 91-100 | Red | Severe risk level | Severe risk of malicious cyber activities and the potential incident can compromise critical hosts in the customer environment. |