Security Risk in Scan Results

The Summary of Vulnerabilities section of your Scan Results report shows the average security risk value for all active hosts in the report. Security risk is first calculated for each active host in the report. Then the average of the security risk values is calculated and displayed in the summary. The calculation of the average security risk includes all active hosts, including active hosts with no detected vulnerabilities or potential vulnerabilities.

This description of security risk applies to Scan Results. See Security Risk in Scan Reports for a description that applies to scan reports generated from scan report templates.


Security Risk for each Active Host

An active host is a host that is alive at the time of the scan. For each active host in the Scan Results report, security risk is equal to the highest severity level detected across all vulnerabilities and potential vulnerabilities on the host. For example, if the highest severity level detected on a host is severity level 4 (whether confirmed or potential), then the security risk for the host is 4. Severity levels for information gathered detected on the host are not used.


Average Security Risk in Summary

The Summary of Vulnerabilities section of the Scan Results report shows the average security risk for all active hosts in the report.

These factors are used when calculating the average security risk:

- security risk for each active host (the highest severity level detected on the host across vulnerabilities and potential vulnerabilities)
- number of active hosts (hosts alive at the time of the scan and visible to the logged-in user)

The total number of active hosts includes all hosts alive at the time of the scan, including hosts with no detected vulnerabilities or potential vulnerabilities.

When a sub-user (Unit Manager, Scanner or Reader) looks at scan results, the user may not have access to all IP addresses included in the scan target. Thus, the number of active hosts the sub-user has access to may be lower than the total number of active hosts found during the scan. The numbers used in the Average Security Risk formula will be based on the active hosts visible to the logged-in user viewing the scan results.

Formula:

The following formula is used for calculating the average security risk.

Average Security Risk = (sum of the security risk values of all active hosts visible to the user) / (number of active hosts visible to the user)

Example:

The Report Summary section shows the number of active hosts and total hosts. The active hosts value is the number of hosts alive at the time of the scan. The total hosts value is the number of hosts in the scan target. In the following example, 8 hosts were included in the scan target but only 3 hosts were active.

[Screenshot: Report Summary section showing 3 active hosts, 8 total hosts and an average security risk of 3.3]

The Detailed Results section shows the vulnerabilities, potential vulnerabilities and information gathered detected on each active host in the report. The security risk for each host is the highest severity level detected across vulnerabilities and potential vulnerabilities; severity levels of information gathered are not considered. The highest severity level for each active host is circled in the example below: 4, 2 and 4. To calculate the average for the report summary, you add 4+2+4 = 10 and divide by 3 (the number of active hosts). The average security risk is 3.3, rounded to one decimal, as shown in the summary above.

[Screenshot: Detailed Results section with the highest severity level circled for each of the 3 active hosts]
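The following script recomputes the summary from detailed results the way the rules above describe it, so you can check a Report Summary figure against the Detailed Results section. It is an added example written for this page, not Qualys code and not the product's actual implementation; the data structures, the QID values and the IP addresses are constructed, and the scan mirrors the page's example (8 hosts in the target, 3 active, per-host security risk 4, 2 and 4). It also covers two cases the text calls out: information gathered is ignored even when it carries a high severity, and a sub-user whose IP scope excludes some active hosts gets an average computed only over the hosts they can see.

```python
from dataclasses import dataclass, field
from typing import Iterable, Optional

# Detection types as they appear in the Detailed Results section.
VULN = "vulnerability"
POTENTIAL = "potential vulnerability"
INFO = "information gathered"


@dataclass
class Detection:
    qid: int        # QID of the detection (values below are constructed)
    kind: str       # VULN, POTENTIAL or INFO
    severity: int   # severity level assigned to the QID


@dataclass
class ActiveHost:
    ip: str
    detections: list = field(default_factory=list)


def host_security_risk(host: ActiveHost) -> int:
    """Security risk for one active host: the highest severity level across
    its vulnerabilities and potential vulnerabilities. Information gathered
    is not used, and a host with no qualifying detections scores 0."""
    severities = [d.severity for d in host.detections if d.kind in (VULN, POTENTIAL)]
    return max(severities, default=0)


def average_security_risk(active_hosts: Iterable[ActiveHost],
                          visible_ips: Optional[set] = None) -> float:
    """Average of the per-host security risk over every active host the
    viewing user can see. Hosts with no vulnerabilities still count in the
    denominator; hosts outside the user's IP scope are excluded entirely."""
    hosts = list(active_hosts)
    if visible_ips is not None:
        hosts = [h for h in hosts if h.ip in visible_ips]
    if not hosts:
        return 0.0
    return sum(host_security_risk(h) for h in hosts) / len(hosts)


def report_summary(scan_target: Iterable[str], active_hosts: Iterable[ActiveHost],
                   visible_ips: Optional[set] = None) -> dict:
    """Numbers shown in the Report Summary: total hosts in the scan target,
    active hosts visible to the user, and the average security risk rounded
    to one decimal as the report displays it. (The page only specifies the
    visibility filter for the average formula, so total_hosts is left as the
    full target size here; that is an assumption of this example.)"""
    hosts = list(active_hosts)
    if visible_ips is not None:
        hosts = [h for h in hosts if h.ip in visible_ips]
    return {
        "total_hosts": len(list(scan_target)),
        "active_hosts": len(hosts),
        "average_security_risk": round(average_security_risk(hosts), 1),
    }


# Constructed scan: 8 IPs in the target, 3 alive, mirroring the page's example.
SCAN_TARGET = [f"10.10.10.{n}" for n in range(1, 9)]
ACTIVE_HOSTS = [
    ActiveHost("10.10.10.1", [
        Detection(qid=100001, kind=VULN, severity=4),
        Detection(qid=100002, kind=INFO, severity=5),       # info gathered: ignored
    ]),
    ActiveHost("10.10.10.2", [
        Detection(qid=100003, kind=POTENTIAL, severity=2),  # potential vulns count
        Detection(qid=100004, kind=INFO, severity=1),
    ]),
    ActiveHost("10.10.10.3", [
        Detection(qid=100005, kind=VULN, severity=3),
        Detection(qid=100006, kind=POTENTIAL, severity=4),  # highest of 3 and 4 is 4
    ]),
]

if __name__ == "__main__":
    # Manager view: every active host is visible.
    print(report_summary(SCAN_TARGET, ACTIVE_HOSTS))
    # Sub-user whose scope covers only the first two hosts: same scan, different average.
    print(report_summary(SCAN_TARGET, ACTIVE_HOSTS,
                         visible_ips={"10.10.10.1", "10.10.10.2"}))
```

Note that a host with only information gathered still appears in the denominator with a risk of 0, which is why a scan of many clean hosts pulls the average down even when one host carries a severity 5 finding; compare the per-host values before trusting the summary figure.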