Risk Score goes up?

Random question here, but can anybody explain why our risk score goes up 150k - 200k over night when there are no scans happening?

Do you have insight agents installed on your endpoints?

Only on 2 for testing purposes but and they only account for 1k risk score Lol. This has been happening before the agents also. Our Score will go back down to its normal score after it re scans everything, just weird how every morning we come in and we are back up 150k Lol.

self hosted, r7 hosted, or r7 managed?

self hosted

The world changes or more specifically the vulnerabilities

  • Threat exposure includes three variables:
    • Vulnerability age - is a measure of how long the security community has known about the vulnerability. The longer a vulnerability has been known to exist, the more likely that the threat community has devised a means of exploiting it and the more likely an asset will encounter an attack that targets the vulnerability. Older vulnerability age corresponds to higher risk.

    • Exploit exposure - is the rank of the highest-ranked exploit for a vulnerability, according to the Metasploit Framework. This ranking measures how easily and consistently a known exploit can compromise a vulnerable asset. Higher exploit exposure corresponds to higher risk.

    • Malware exposure - is a measure of the prevalence of any malware kits, also known as exploit kits, associated with a vulnerability. Developers create such kits to make it easier for attackers to write and deploy malicious code for attacking targets through the associated vulnerabilities.

1 Like

If you have changed from Real Risk or any of the others for that matter to Active Risk, the change seems possible but if it is not then maybe it could’ve been like Trevor mentioned that the vulnerabilities received updates and had a change of risk score based on that.