Viewing the risks table

The risks table is displayed in the Risks section of the application web interface.

The settings of risks are displayed in the following columns of the table:

• Category

  Name of the risk category.

• Name.

  Name of the risk. The CVE ID of the detected vulnerability is used for a Vulnerability risk (if it has no CVE ID, it is identified by its identification number obtained from other publicly available resources containing vulnerability descriptions).

• CVE.

  For a Vulnerability risk: CVE ID of the detected vulnerability. This column is displayed in the risks table in Kaspersky Industrial CyberSecurity for Networks version 4.0.1.

• BDU.

  For a Vulnerability risk: vulnerability ID in the BDU database. If one vulnerability with a CVE ID matches multiple vulnerabilities with different IDs in the BDU database, this column contains all of these IDs. This column is displayed in the risks table in Kaspersky Industrial CyberSecurity for Networks version 4.0.1.

• Risk ID

  Unique ID of the risk.

• Score

  Calculated value of the risk assessment. The severity of the risk is designated by a numerical score. Depending on the severity, the score may have one of the following colors:

  • Red designates a High severity risk.
  • Yellow designates a Medium severity risk.
  • Blue designates a Low severity risk.

  For risks with the Active status, the score is brightly colored. For Remediated or Accepted risks, its score is faintly colored.

• Side 1

  Address information of one of the sides of network interaction (indicated for certain risk types). MAC addresses and IP addresses can be individually enabled and disabled. If additional address spaces were added to the application, you can enable or disable the display of the names of address spaces by using the Show address spaces setting when configuring the devices table.

• Side 2

  Address information of the other side of network interaction (indicated for certain risk types). The display of address information can be configured the same way as the Side 1 column.

• Device group

  Name of the group containing the device with the detected risk (contains the name of the group and the names of all its parent groups).

• Device

  Device name and address.

• Source of vulnerability

  For a Vulnerability risk: name of the source of the information uploaded to the database of known vulnerabilities.

• Status

  Current status of the risk. The following statuses are available:

  • Active – default status upon first detection of the risk (and upon repeated detection if the Remediated status had been assigned to the risk). You can also manually assign the Active status to a risk if its current status is Accepted.
  • Remediated – automatically assigned status if the conditions for risk detection are no longer present.
  • Accepted – status manually assigned to a risk if the risk is assessed as negligible or if risk mitigation measures did not lead to automatic assignment of the Remediated status.
• Detected

  Date and time of risk detection.

• Last status change

  Date and time of the last change of the risk status.

• Matched CPE

  For a Vulnerability risk: descriptions of devices from the database of known vulnerabilities. These are descriptions that match device information in the devices table.

When viewing the risks table, you can use the configuration, filter, search, and sorting functions.

Page top