VIDEO Contextual Scoring With Priorities Get a glimpse into the fully configurable contextual scoring engine in PlexTrac Priorities to see how it supports continuous validation and risk-based prioritization to help you track and measure progress. Series: PlexTrac MiniDemo Series Category: Product Features BACK TO VIDEOS Transcript So let’s talk through how you actually create that contextual scoring algorithm that we applied to these findings. If you come over to the Account Administration page, we have a section called Contextual Scoring, and it comes with a default equation, and then you can create your own. So when you come in to edit the equation, you can name it, you can give it a description, and then we have all these variables that play a factor into the overall risk score. This is what’s built out of the box. You can see the asset count itself will account for 25% of the weighted scoring. And these are the different rules. And you can add additional rules as you see fit. So you can see here we’ve got an asset count of less than 25. You’re going to get half of the points available for this category. And if you have an asset count of greater than 25, you’re going to get 100% of the points for this category. So remember, this counts for 25% of this algorithm. So if you have more assets, it’s going to weigh the priority a little bit higher. But the nice thing is that we can add as many criteria as we want and we can also adjust it. So let’s say that we have an issue with PCI, right? And we want to make sure that we want to weigh assets that have a PCI that are part of the PCI CDE in a much more significant fashion. So we’re going to bump that up to 20%. And you’ll notice I’ve got to bump some other things down. So let’s go ahead and put this at 10%. We will put this at 5%, and we’ll put this at 15%. So now we have our weighting correct. And then we come into tags and we want to say, hey, if this is part of the PCI or this has PCI or PCI CDE implications, we want to get it the full 100 points. And you can see here that I forgot to fill out this rule. So we’ll go ahead and delete that and then we will save it. And so now that algorithm is going to be updated when we go back over to the priorities list. And you can see that now this has even increased this one to even higher and the SSL one to even lower. So this is what’s nice about being able to apply some objective criteria, is it really does start to give a picture for what you should be focused on. SHOW FULL TRANSCRIPT
ANNOUNCEMENT New! Streamline Pentest Reports With Plex․AI.· Learn more >> ANNOUNCEMENT New! Streamline Pentest Reports With Plex․AI.· Learn more >>