TruRisk Formula Use Cases
This topic explains the TruRisk score calculation formulas and their use cases. It outlines the business impact of each formula along with examples.
TruRisk™ 1.0 Formula Use Case
TruRisk™ 1.0 Formula
ACS * External * [ (wc* Avg(QDSc) * func(count(QDSc)) + wh* Avg(QDSh) * func(count(QDSh)) + wm* Avg(QDSm) * func(count(QDSm)) + wl* Avg(QDSl) * func(count(QDSl)) ]
Business Impact
The TruRisk score is calculated based on the average of critical, high, medium, and low detections. However, using the average has some inherent issues. For instance, if a lower score detection is fixed in the critical bucket, the average score goes up, even though a risk was fixed.
Use Case
You have 2 assets:
Asset 1 (internet-facing)
- Asset Criticality Score- 5
Vulnerability Details:
- Vulnerability count, based on the severity level:
- Critical: 2
- High: 10
- Medium: 40
- Low: 30
- Average (QDS) scores for each severity level:
- Critical: 95
- High: 84
- Medium: 65
- Low: 31
TruRisk Score
The Trurisk score (1000) is then calculated for this asset based on the following contributing factors:
a. Asset Criticality Score (ACS) 5
b. Average (QDS) scores for each severity level (Critical [95] , High [84], Medium [65], Low [31])
c. Auto assigned weighing factor (w) for external asset 1.2.
Asset 2-(non internet-facing asset)
- Asset Criticality Score- 4
Vulnerability Details:
- Vulnerability count, based on the severity level:
- Critical: 3
- High: 0
- Medium: 50
- Low: 20
- Average (QDS) scores for each severity level:
- Critical: 95
- High: 0
- Medium: 65
- Low: 30
TruRisk Score
The Trurisk score (518) is then calculated for this asset based on the following contributing factors:
a. Asset Criticality Score (ACS) 4
b. Average (QDS) scores for each severity level (Critical [95] , High [0], Medium [65], Low [30])
c. Auto assigned weighing factor (w) for internal asset 1.0.
TruRisk™ 2.0 Formula Use Case
TruRisk™ 2.0 Formula
ACS * External * [MaxQDSforCVE * g(MaxQDSforCVE)] + numCriticalCVE * WtCrit + numHighCVE * WtHigh + numMediumCVE * WtMed + numLowCVE * WtLow
Business Impact
The TruRisk score is calculated based on the maximum detection value and detection count across critical, high, medium, and low.
The TruRisk calculation is based on findings, CVE for vulnerabilities and findings from other third-party tools. It uses maximum of findings and count based on findings in the calculation. The max allows to prioritize the most risky asset, and count enables to differentiate between assets, so you can prioritize ones with the most risk.
Use Case
You have 2 assets:
Asset 1 (internet-facing)
- Asset Criticality Score- 5
Vulnerability Details:
- Vulnerability count, based on the severity level:
- Critical: 8
- High: 40
- Medium: 90
- Low: 80
- Maximum detection (Max QDS score): 98
TruRisk Score
The Trurisk score (857) is then calculated for this asset based on the following contributing factors:
a. Asset Criticality Score (ACS) 5
b. Maximum detection on the asset ( Max QDS score).
c. Auto assigned weighing factor (w) for external asset 1.2.
d. Auto assigned g_value (1.3) as there are critical detections.
Asset 2 (non internet-facing)
- Asset Criticality Score- 4
Vulnerability Details:
- Vulnerability count, based on the severity level:
- Critical: 12
- High: 0
- Medium: 100
- Low: 60
- Maximum detection (Max QDS score): 98
TruRisk Score
The Trurisk score (574) is then calculated for this asset based on the following contributing factors:
a. Asset Criticality Score (ACS) 4
b. Maximum detection on the asset (Max QDS score).
c. Auto assigned weighing factor (w) for external asset (internet facing) 1.0
d. Auto assigned g_value 1.3 as there are critical detections.