Home New York Security Incident Management Security Operations Vulnerability Response Vulnerability Response setup Optional Vulnerability Response setup tasks Create a Vulnerability Response calculator

Create a Vulnerability Response calculator

Starting with Vulnerability Response Version 8.0: A vulnerability calculator is a pre-defined formula to calculate a target field when certain criteria are met. Calculators, which calculate the vulnerable item Risk Score, can contain Risk Rules.

Before you begin

Role required: sn_vul.admin

Starting with v10.3, persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

Note: You may notice performance degradation when running vulnerability calculators that contain scripts.

Order your rules to run the simplest rules first and only run scripts on the items that cannot be handled with a condition and template value or a risk rule.

Procedure

Navigate to Vulnerability > Administration > Vulnerability Calculators.
Click New.

Fill in the fields on the form, as appropriate.

Table 1. Vulnerability calculator form
Field	Description
Name	The name of the vulnerability calculator.
Table	Auto-filled with the name of the vulnerable item table.
Application	Auto-filled with Vulnerability Response.
Target field	Field to calculate.
Description	Text description of the calculator.
Active	Turn the calculator on or off.

Right-click in the header to Save.
The Vulnerability Calculator Rules section appears.
Create a rule for the calculator by clicking New.

Note: For the New Risk Rules form (only available when the Target field is Risk Score) see step 10.

Fill in the fields, as appropriate.

Table 2. Vulnerability Calculator Rule form
Field	Description
Name	Name of the calculator rule.
Order	The order in which to run the vulnerability calculator. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
Calculator	Auto-filled with the calculator parent.
Active	By default the Active check box is selected, which means the calculator rule is active. If you clear this check box, this rule does not apply to new vulnerable items created in the system.
Advanced view	When selected, scripted conditions and scripted values can be selected from Condition type and Value type.

Fill in the fields in the When this condition is met tab, as appropriate.

Table 3. When this condition is met tab
Field	Description
Name	Name of the calculator rule.
Order	The order in which to run the vulnerability calculator. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
Calculator	Auto-filled with the calculator parent.
Active	By default the Active check box is selected, which means the calculator rule is active. If you clear this check box, this rule does not apply to new vulnerable items created in the system.
Advanced view	When selected, select scripted conditions and scripted values from Condition type and Value type.
Condition type	Available when you select the Advanced view. Choices include: Filter: Uses filter conditions. Filter group: See create a new filter group to define the calculator criteria. Script: Script condition used to determine when to apply this calculator. Note: Before you write scripts for determining when to apply the calculators, return to the Vulnerability Calculators list. Explore the vulnerability calculator records shipped with the base system.
Condition	Defines basic filter conditions for determining whether to use the calculator or not. Selecting either the Filter group or Script condition types, hides this field.

Click the Set these values tab and fill in the fields on the form, as appropriate.

Table 4. Set these fields tab
Field	Description
Value type	Available when you select the Advanced view. Choices include: Template: Define the values to set on each field. Script: Used to set the values on each field.
Script values	Available if you selected the Script value type. Defines what values to apply the calculations to.
Template	Select the fields and values you want to use for the calculator. Selecting either the Script value type, hides this field.

When you have completed all entries, click Submit.

Note: When you edit an existing calculator, and you want to update all existing scores, you can use the Reapply Calculator button. It runs through all active vulnerable items (VIs), and if that calculator would be used to set its value, recalculates the value for those VIs. Since reapplying a calculator can take a long time, a scheduled job handles it.

For the New Risk Rules form, fill in the fields as appropriate.

Set each weight according to the percentage of the result that should come from that value. For any data that your scanner does not provide, or for data that should not be part of the risk score, set the weight to zero.

As you update the weights, scenarios display the weights remaining, as well as anticipated Risk Score results.


Field	Description
Name	Name of the calculator rule.
Order	The order in which to run the vulnerability calculator. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
Calculator	Auto-filled with the calculator parent.
Active	By default the Active check box is selected, which means the calculator rule is active. If you clear this check box, this rule does not apply to new vulnerable items created in the system.
Condition	Defines basic filter conditions for determining whether to use the calculator. Selecting either the Filter group or Script condition types, hides this field.
Weights
Vulnerability Severity	Percentage of the result that comes from severity.
Exploit exists	Percentage of the result that comes from the existence of an exploit. If this information is not present in your vulnerabilities, set the weight to zero.
Exploit skill level	Percentage of the result that comes from the skill level required by the exploit. If this information is not present in your vulnerabilities, set the weight to zero.
Exploit attack vector	Percentage of the result that comes from where the attack is targeted. If this information is not present in your vulnerabilities, the set weight to zero.
Business criticality	Percentage of the result that comes from business criticality. If you have not linked your CIs to business services, the set weight to zero.
CI Exposure	Percentage of the result that comes from whether the CI is internet-facing. If the weight is non-zero, a condition filter appears to define which CI are internet-facing. Set the filter to select your Internet-facing configuration items. You can preview which records match the condition.
Running total	Auto-computed percentage totals. When this value reaches 100, the Scenario preview shows you sample risk scores in different scenarios.
Risk score scenarios	When all weights total 100%, risk score scenarios display, providing a preview of the risk score in some of the possible scenarios.

Click Submit.

Previous topic

Next topic

Release version

Create a Vulnerability Response calculator

Before you begin

Role required: sn_vul.admin

Note: You may notice performance degradation when running vulnerability calculators that contain scripts.

Order your rules to run the simplest rules first and only run scripts on the items that cannot be handled with a condition and template value or a risk rule.

Procedure

Navigate to Vulnerability > Administration > Vulnerability Calculators.
Click New.

Fill in the fields on the form, as appropriate.

Table 1. Vulnerability calculator form
Field	Description
Name	The name of the vulnerability calculator.
Table	Auto-filled with the name of the vulnerable item table.
Application	Auto-filled with Vulnerability Response.
Target field	Field to calculate.
Description	Text description of the calculator.
Active	Turn the calculator on or off.

Right-click in the header to Save.
The Vulnerability Calculator Rules section appears.
Create a rule for the calculator by clicking New.

Note: For the New Risk Rules form (only available when the Target field is Risk Score) see step 10.

Fill in the fields, as appropriate.

Table 2. Vulnerability Calculator Rule form
Field	Description
Name	Name of the calculator rule.
Order	The order in which to run the vulnerability calculator. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
Calculator	Auto-filled with the calculator parent.
Active	By default the Active check box is selected, which means the calculator rule is active. If you clear this check box, this rule does not apply to new vulnerable items created in the system.
Advanced view	When selected, scripted conditions and scripted values can be selected from Condition type and Value type.

Fill in the fields in the When this condition is met tab, as appropriate.

Table 3. When this condition is met tab
Field	Description
Name	Name of the calculator rule.
Order	The order in which to run the vulnerability calculator. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
Calculator	Auto-filled with the calculator parent.
Active	By default the Active check box is selected, which means the calculator rule is active. If you clear this check box, this rule does not apply to new vulnerable items created in the system.
Advanced view	When selected, select scripted conditions and scripted values from Condition type and Value type.
Condition type	Available when you select the Advanced view. Choices include: Filter: Uses filter conditions. Filter group: See create a new filter group to define the calculator criteria. Script: Script condition used to determine when to apply this calculator. Note: Before you write scripts for determining when to apply the calculators, return to the Vulnerability Calculators list. Explore the vulnerability calculator records shipped with the base system.
Condition	Defines basic filter conditions for determining whether to use the calculator or not. Selecting either the Filter group or Script condition types, hides this field.

Click the Set these values tab and fill in the fields on the form, as appropriate.

Table 4. Set these fields tab
Field	Description
Value type	Available when you select the Advanced view. Choices include: Template: Define the values to set on each field. Script: Used to set the values on each field.
Script values	Available if you selected the Script value type. Defines what values to apply the calculations to.
Template	Select the fields and values you want to use for the calculator. Selecting either the Script value type, hides this field.

When you have completed all entries, click Submit.

Note: When you edit an existing calculator, and you want to update all existing scores, you can use the Reapply Calculator button. It runs through all active vulnerable items (VIs), and if that calculator would be used to set its value, recalculates the value for those VIs. Since reapplying a calculator can take a long time, a scheduled job handles it.

For the New Risk Rules form, fill in the fields as appropriate.

As you update the weights, scenarios display the weights remaining, as well as anticipated Risk Score results.


Field	Description
Name	Name of the calculator rule.
Order	The order in which to run the vulnerability calculator. A calculator with an order entry of 100 runs before a calculator with an order entry of 200.
Calculator	Auto-filled with the calculator parent.
Active	By default the Active check box is selected, which means the calculator rule is active. If you clear this check box, this rule does not apply to new vulnerable items created in the system.
Condition	Defines basic filter conditions for determining whether to use the calculator. Selecting either the Filter group or Script condition types, hides this field.
Weights
Vulnerability Severity	Percentage of the result that comes from severity.
Exploit exists	Percentage of the result that comes from the existence of an exploit. If this information is not present in your vulnerabilities, set the weight to zero.
Exploit skill level	Percentage of the result that comes from the skill level required by the exploit. If this information is not present in your vulnerabilities, set the weight to zero.
Exploit attack vector	Percentage of the result that comes from where the attack is targeted. If this information is not present in your vulnerabilities, the set weight to zero.
Business criticality	Percentage of the result that comes from business criticality. If you have not linked your CIs to business services, the set weight to zero.
CI Exposure	Percentage of the result that comes from whether the CI is internet-facing. If the weight is non-zero, a condition filter appears to define which CI are internet-facing. Set the filter to select your Internet-facing configuration items. You can preview which records match the condition.
Running total	Auto-computed percentage totals. When this value reaches 100, the Scenario preview shows you sample risk scores in different scenarios.
Risk score scenarios	When all weights total 100%, risk score scenarios display, providing a preview of the risk score in some of the possible scenarios.

Click Submit.

How search works:

Topics are ranked in search results by how closely they match your search terms

Create a Vulnerability Response calculator

Create a Vulnerability Response calculator

On this page

Create a Vulnerability Response calculator

Create a Vulnerability Response calculator

Log in to personalize your search results and subscribe to topics