Kaspersky Industrial CyberSecurity for Networks

Viewing the risks table

March 22, 2024

ID 194184

The risks table is displayed in the Risks section of the application web interface.

The risk settings are displayed in the following columns of the table:

  • Category

    Name of the risk category.

  • Name

    Name of the risk. For a Vulnerability risk, the CVE ID of the detected vulnerability is used as the name. If the vulnerability has no CVE ID, it is identified by its identification number obtained from other publicly available resources containing vulnerability descriptions.

  • CVE

    For a Vulnerability risk: CVE ID of the detected vulnerability.

  • BDU

    For a Vulnerability risk: vulnerability ID in the BDU database. If one vulnerability with a CVE ID matches multiple vulnerabilities with different IDs in the BDU database, this column contains all the IDs.

  • Risk ID

    Unique ID of the risk.

  • Score

    Calculated value of the risk assessment. The severity of the risk is designated by a numerical score. Depending on the severity, the score may have one of the following colors:

    • Red designates a High severity risk.
    • Yellow designates a Medium severity risk.
    • Blue designates a Low severity risk.

    For risks with the Active status, the score is brightly colored. For Remediated or Accepted risks, the score is faintly colored.

  • Side 1

    Address information of one of the sides of network interaction (indicated for certain risk types). The display of MAC addresses and IP addresses can be enabled and disabled individually. If additional address spaces were added to the application, you can enable or disable the display of the names of address spaces by using the Show address spaces setting when configuring the devices table.

  • Side 2

    Address information of the other side of network interaction (indicated for certain risk types). The display of address information can be configured the same way as the Side 1 column.

  • Device group

    Name of the group containing the device with the detected risk (contains the name of the group and the names of all its parent groups).

  • Device

    Device name and address.

  • Source of vulnerability

    For a Vulnerability risk: name of the source of the information uploaded to the database of known vulnerabilities.

  • Status

    Current status of the risk. The following statuses are available:

    • Active – default status upon first detection of the risk (and upon repeated detection if the Remediated status had been assigned to the risk). You can also manually assign the Active status to a risk if its current status is Accepted.
    • Remediated – automatically assigned status if the conditions for risk detection are no longer present.
    • Accepted – status manually assigned to a risk if the risk is assessed as negligible or if risk mitigation measures did not lead to automatic assignment of the Remediated status.

  • Detected

    Date and time of risk detection.

  • Last status change

    Date and time of the last change of the risk status.

  • Matched CPE

    For a Vulnerability risk: descriptions of devices from the database of known vulnerabilities. These are descriptions that match device information in the devices table.

When viewing the risks table, you can use the configuration, filter, search, and sort functions, and navigate to related items.
