Viewing risk details

Risk details include information from the risks table and the following fields:

• Risk type – code of the risk type.
• Description – description defined for the risk type or the corresponding vulnerability.
• Base score – initial value used for calculating a numeric value for a risk score.
• Events – list of events associated with the risk (if there are more than 10 events, the number of undisplayed events is shown under the list).
• Other devices with this risk – list of devices for which this risk was detected (if there are more than 10 devices, the number of undisplayed devices is shown under the list).

For a Vulnerability risk, additional information is displayed in the following fields and groups of fields:

• Attack conditions.
• Impact – description of the potential effects from exploitation of the vulnerability.
• CVSS vector – record of metrics used to calculate a CVSS vulnerability score.
• Mitigations – recommendations on remediating the vulnerability (for example, which software version should be installed on the device).
• Links – links to publicly available resources containing additional information about the vulnerability.
• CVE history – dates of identification, confirmation, and publication of the vulnerability in publicly available sources.

To view information about a risk:

Select the relevant risk in the risks table.

In the right part of the web interface window, you will see the area containing detailed information about the risk.

To view information about a Vulnerability risk on the Devices tab in the Assets section:

Click the name of the vulnerability (displayed as a CVE ID or other identification number of the vulnerability) in the Risks column or in the details area of a device with this risk.

You will see a window containing detailed information about the vulnerability.