Optimizing Cybersecurity: Dynamic Scoring and Action Statuses in Cymulate ASM

Cymulate Attack Surface Management (ASM) provides an integrated overview of all external assets and their associated risks, combining nuanced action statuses with dynamic scoring. This combination offers a responsive and accurate reflection of an organization's security posture.

Action Statuses for Findings 

ASM provides distinct action statuses for findings: 

  • TBD: The default action, indicating a finding awaits review or action. 

  • Investigating: Used when a finding is currently under examination. 

  • Acknowledged: Used for low-risk findings with no expected action items. Findings with this status will be included in future scans and retain their 'Acknowledged' status. 

  • Solved: Used when a fix has been applied. If the mitigations implemented for the finding were insufficient, the finding will reappear in future scans with the status 'Re-appeared'. Re-appeared findings influence the assessment score.

  • Irrelevant: This status is automatically assigned to findings when the related asset is marked as 'Irrelevant'. 

Action Statuses for Assets 

ASM categorizes assets with these statuses: 

  • TBD: The initial status, indicating pending classification or action. 

  • Investigating: Used when an asset is currently under examination. 

  • Verified: Used to confirm that an asset belongs to the organization. 

  • Irrelevant: Used when an asset does not belong to the organization. Assets marked as 'Irrelevant' will not be included in future scans. 

Dynamic Scoring in Cymulate ASM 

In Cymulate ASM, dynamic scoring is an essential feature. It directly reflects the effectiveness and timeliness of an organization's cybersecurity responses. As action statuses for findings and assets are updated, the ASM scoring system dynamically adjusts. This real-time scoring is crucial for several reasons: 

  • Immediate Impact Reflection: When a finding is marked as 'Solved', 'Irrelevant', or 'Acknowledged', it is excluded from the assessment score. This exclusion immediately lowers the score, visibly demonstrating the effectiveness of remediation actions. 

  • Encouraging Proactive Measures: By dynamically adjusting the score based on current statuses, ASM incentivizes swift action. For example, shifting a finding from 'Investigating' to 'Solved' not only resolves the issue but also positively impacts the security score. 

  • Highlighting Re-Appeared Findings: A 'Solved' finding that reappears signifies incomplete remediation. This status impacts the assessment score, emphasizing the need for further action and thorough resolution. 
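The status rules above can be modeled as a small state machine. The following is an added example, not Cymulate's code or API: the function names and sample assets are hypothetical, and because the post gives no scoring formula, it only tracks which findings still count toward the score after a rescan.

```python
from dataclasses import dataclass
# Statuses the post says are excluded from the assessment score.
EXCLUDED = {"Solved", "Irrelevant", "Acknowledged"}

@dataclass
class Finding:
    asset: str
    name: str
    status: str = "TBD"  # default action for a new finding

def mark_asset_irrelevant(findings, asset, irrelevant_assets):
    """Asset marked 'Irrelevant': its findings become 'Irrelevant' automatically."""
    irrelevant_assets.add(asset)
    for f in findings:
        if f.asset == asset:
            f.status = "Irrelevant"

def apply_rescan(findings, observed, irrelevant_assets):
    """Fold a new scan into the register; `observed` is a set of (asset, name)."""
    known = {(f.asset, f.name): f for f in findings}
    for key in sorted(observed):
        if key[0] in irrelevant_assets:
            continue  # irrelevant assets are not included in future scans
        f = known.get(key)
        if f is None:
            findings.append(Finding(*key))  # new finding starts as TBD
        elif f.status == "Solved":
            f.status = "Re-appeared"  # the applied fix was insufficient
        # 'Acknowledged' and all other statuses are retained as they are

def counted_in_score(findings):
    """Findings that still contribute to the assessment score."""
    return sorted((f.asset, f.name) for f in findings if f.status not in EXCLUDED)

def demo():  # constructed sample data; asset and finding names are made up
    findings = [
        Finding("vpn.example.com", "weak-tls", "Solved"),
        Finding("www.example.com", "missing-header", "Acknowledged"),
        Finding("old.example.net", "open-port", "Investigating"),
        Finding("mail.example.com", "expired-cert", "Solved"),
    ]
    irrelevant = set()
    mark_asset_irrelevant(findings, "old.example.net", irrelevant)
    before = counted_in_score(findings)
    observed = {("vpn.example.com", "weak-tls"), ("www.example.com", "missing-header"),
                ("old.example.net", "open-port"), ("www.example.com", "exposed-admin")}
    apply_rescan(findings, observed, irrelevant)
    return before, counted_in_score(findings), {f.name: f.status for f in findings}
```

In the sample run, nothing counts toward the score before the rescan; afterwards the re-appeared `weak-tls` finding and the new `exposed-admin` finding do, while the acknowledged finding and the one that stayed solved remain excluded.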

Cymulate ASM, with its dynamic scoring and detailed action statuses, provides organizations with a powerful tool to manage and enhance their cybersecurity posture. This system ensures that the security score is a live indicator of an organization's current cybersecurity health, highlighting the progress made in addressing vulnerabilities. By offering real-time reflections of security actions and encouraging proactive measures, ASM helps organizations stay ahead of potential threats and continuously improve their security strategies. 

 

Nir Stolarski 

Product Manager

