Improving asset risk score
There are two primary strategies to manage and reduce an asset risk score:1. Remediate identified findings (Recommended)
The most effective way to lower an asset risk score is to address the findings associated with the asset:- Prioritize remediation of high-severity findings first, as they have the greatest impact on the overall score.
- Systematically work through remaining issues to reduce the asset’s risk comprehensively.
2. Review and exempt detections
In some cases, certain findings may not apply to your environment. In these situations, you can:- Exempt detections associated with failed findings using the reasons False Positive or Compensating Control.
- Note that choosing Accepted Risk will not improve the asset risk score.
Exemptions reduce the asset risk score but do not reduce the actual risk of the asset. Use this option carefully and only when you are certain the finding does not represent a genuine risk in your environment.
Improving integration and tenant risk scores
Integration and tenant risk scores are directly influenced by the asset risk scores within them. To reduce these scores, you should:- Identify the assets with the highest asset risk scores within the integration or tenant.
- Focus remediation efforts on those high-risk assets.