Create a vulnerability calculator

A vulnerability calculator is a pre-defined formula to calculate the severity of security incidents when certain criteria are met.

Before you begin

  • Allow the vulnerability admin to see values to apply to the template by providing full read and write (or save_as_template) capabilities on any table used by calculators.
  • Roles required: sn_vul.vulnerability_admin.

Procedure

  1. Navigate to Vulnerability > Administration > Vulnerability Calculator Groups.
  2. Click the name of the group for which you want to create a calculator, or create a new group and then create a calculator for that group using the following steps.
  3. In the Vulnerability Calculators related list, click New.
  4. Fill in the fields on the form, as appropriate.
    Table 1. Vulnerability calculator form
    Field Description
    Name The name of the vulnerability calculator.
    Calculator Group Displays the group for which you are creating this calculator.
    Table Select the table to be used for this calculator.
    Note:

    When you add calculators to tables other than Vulnerability [sn_vul_vulnerability] or Vulnerable Item [sn_vul_vulnerable_item], add business rules and UI Actions to those tables.

    To see examples:
    • Navigate to System Definition > Business Rules and locate the Calculate Criticality business rule on the Vulnerable Item [sn_vul_vulnerable_item] table.
    • Navigate to System UI > UI Actions and locate the Calculate Criticality UI action on the Vulnerable Item [sn_vul_vulnerable_item] table.
    Order The order in which the vulnerability calculator is run. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
    Active Turn the calculator on or off.
    Description A description of this calculator.
  5. Right-click the form header and select Save. Two tabs, Conditions and Values to Apply, appear.
  6. Fill in the fields in the Conditions tab, as appropriate.
    Field Description
    Use filter group Select this check box to use a predefined filter group or create a new filter group to define the calculator criteria.
    Filter group Select the filter group to use for defining a calculator.

    This field appears only if you selected the Use filter groups check box.

    Use advanced condition Select this check box to indicate that a script condition is used to determine when this calculator is applied. When you select the check box, an Advanced condition scripting field appears. Set the answer variable to true to apply the calculator.

    If you selected the Use filter group check box, this field is hidden.

    Note: Before you define advanced conditions and write scripts for determining when the security incident calculators are applied, return to the Vulnerability Calculators list. Explore the vulnerability calculator records shipped with the base system.
    Condition Defines basic filter conditions for determining whether the calculator is used.

    If you selected either of the Use filter group or Use advanced conditions check boxes, this field is hidden.

  7. Click the Values to Apply tab and fill in the fields on the form, as appropriate. You have the choice of creating a script for defining the values to apply to the calculation or defining a template based on fields in the selected table.
    Field Description
    Use script values Select this check box to define field values with a script.
    Script values Defines what values to apply the calculations to.

    This field appears only if you selected the Use script values check box.

    Template Right-click the form header and select Save. Select the fields and values you want to use for the calculator.
  8. When you have completed all entries, click Submit.