Executive Summary Dashboard: Health Score Panel

This article describes the metrics displayed in the health score panel

dashboard-panel-health-v01


The health score panel shows multiple metrics in different formats:

  1. The Health Score (normalized or not) and its evolution (increase/decrease) over the selected time frame.
  2. The Projected Impact of active remediation plans (for organizations with the remediation feature activated).
It can be interesting to visualize this graph in relation to the asset panel in order to better understand how adding or removing assets in your environment can affect the Health Score.

The Health Score is defined as follows:

  1. Every scanned asset is given an individual asset Health Score from 0.00 to 1.00, where 0.00 is an "unhealthy" asset and 1.00 is a fully "healthy" asset.
  2. The organization Health Score (non-normalized) is the sum of all the assets' health scores. Unscanned assets are excluded from the Health Score at the moment.

How are individual assets' Health Score calculated?

The asset's worst vulnerability CPS is the only one counted on an asset to evaluate its health (the health of an asset with regard to its potential exploitability on the network is not affected by the number of equivalent "worst" vulnerabilities as CPS already takes into account surrounding vulnerabilities).

The asset Health Score s(a) is therefore defined as such:5842bd865a204f8847321ae5f8ad3386

  • The CPS score is divided by 10 to give a resulting number from 0.00 to 1.00.
  • You can think of the asset Health Score as an "inverse probability" of it being compromised in the network.

How is the organization Health Score calculated?

The organization global Health Score (non-normalized) is the sum of all the assets' Health Scores in your environment.
If s(a) is the Health Score of an asset a, then the global organization's Health Score S(org) is defined as such:

11409fc3cc422479a2c9d784e8645009

How is the normalized organization Health Score calculated?

The normalized Health Score allows you to compare your own Health Score to peers and/or to subdivisions within your organization. It is the ratio of all your healthy assets VS all your scanned assets.

49dc6bc173956b9b524da1a95a1c131c

    How is the projected impact calculated?

    1. Every remediation plan created through the remediation feature will have an individual positive impact on the Health Score (in percentage) as it will improve by fixing these vulnerabilities on specific assets.
    2. The projected impact displayed in that panel is simply the sum of the individual remediation plans impact on the health score (in percentage), for all the plans that still have some vulnerabilities to fix.