Kaspersky Industrial CyberSecurity for Networks can detect risks that could affect resources of an information system. The application identifies risks based on the results of traffic analysis and the device information it receives.
The detected risks may belong to the following categories:
Each risk is scored on a scale from 0.0 to 10.0. The application calculates this numeric risk score value based on the available information about the device associated with the detected risk. When calculating a risk score, the application considers the level of importance of the device, and other risks associated with this device. A base score is used as the initial value for calculations. Base scores of risks in the Vulnerability category are determined according to the Common Vulnerability Scoring System (CVSS). All other risk categories utilize the base scores defined in the table of risk types.
Information about risks is uploaded to the database of detected risks on the Kaspersky Industrial CyberSecurity for Networks Server. The total volume of saved entries in the database cannot exceed the defined limit. If the volume exceeds the defined limit, the application automatically deletes 10% of the oldest entries. You can set a maximum volume limit for detected risks when configuring data storage settings on the Server node.
The contents of the database of detected risks are displayed in the Risks section of the application web interface. You can also view general information about the presence of risks associated with devices in the Assets section on the Devices tab.