Risk Models Weighted vs Temporal

InsightVM
1

Hello guys,

When it comes to using risk models what would be the ideal model that is easy to understand and communicate across different members from different teams?

Does either one have a different advantage then the other?

What is the default model set at?

I’m I understanding this right, Temporal is going to take different parameters such as vector, possibility, and instance of vulnerability and calculate across the board whereas Weighted is basically agent asset information?

I need an ELI5 on this subject. :grinning:
https://help.rapid7.com/nexpose/en-us/Files/Risk_scoring_FAQ.html

2

I’m not sure how accurate that document is. That is specifically a nexpose doc talking about risk but everything should refer to InsightVM even if you are using the standalone Nexpose installer afaik.

Above would be the docs to go by, however Nexpose also has it’s own public docs which essentially say the same thing here

But to answer your question, REAL RISK is the default and by far the most straight forward.