Solution Management Scoring Risk Rating
The Solution Management Risk Rating is as follows:
- Critical = 90 - 100
- High = 70 - 89
- Medium = 30 - 69
- Low = 1 - 29
- None = 0
The risk score is weighted 85% of the max risk score across all active vulnerable items for the solution and 15% for the number of active vulnerable items.
If active VI count >= 1000 , then 15 points are added to the risk score.
If active VI count>=100 and less than 1000, then 10 points are added.
if active VI count>=10 but less than 100, then 5 points are added.
if active VI count<10, then no points are added.
All these can be customized only using the two functions _getRiskScore and _getRiskRating in 'SolutionsUtil' Script Include.
So, to make customizations, create a copy of this Script Include and mark this one as inactive.
Both the methods _getRiskRating and _getRiskScore are getting called from calculateSolutionCounts in the same Script Include.
This is called after the integration is complete.
This is the Script Include ' 'SolutionsUtil' that should be cloned. This is called after the integration run is complete