Cyvatar Platform User Guide: RiskRecon Domains & Descriptions

The RiskRecon score you're seeing on your Cyvatar Dashboard provides a quick glimpse into your organization's overall cybersecurity health based on external factors (9 domains) that RiskRecon can observe. 

The RiskRecon score is derived from an analysis of several key areas, including how your digital assets align with security best practices, observable system configurations, and the potential exposure to common threats. This snapshot gives you a high-level view of your external risk landscape, highlighting areas where your security posture could be improved.

Software Patching

The Software Patching domain enumerates systems that are running end-of-life and vulnerable software. RiskRecon uses the CVSS rating as the severity for software patching issues. The Software Patching domain contains 4 criteria: Application Server Patching, OpenSSL Patching, CMS Patching, and Web Server Patching.

Application Security

The Application Security domain assesses each discovered web application for compliance with widely accepted application security practices that can be assessed using passive techniques. Consistent deployment of web application security controls is important to defend against application-level attacks. The Application Security domain contains CMS Authentication, HTTP Security Headers, External Threat Intelligence Alerts, High Value System Encryption, and Malicious Code.

Web Encryption

RiskRecon uses passive techniques to analyze web encryption security configurations, checking that communications are protected and that the authenticity of the system is verified. Addressing encryption issues improves user experience by eliminating security alerts raised by the browser. Web Encryption contains 6 criteria: Certificate Expiration Date, Certificate Valid Date, Encryption Hash Algorithm, Encryption Key Length, Encryption Protocols, and Certificate Subject.

Network Filtering

The Network Filtering domain analyzes the company's networks and systems against 2 criteria: the presence of Unsafe Network Services and the presence of IoT Devices. Unsafe network services and IoT devices are a common vector for compromising systems and networks.

Breach Events

The Breach Events domain summarizes the breach events the organization has experienced. Recent breach events indicate gaps in the breach event protection program. Organizations with breach events occurring consistently over time very likely have ineffective breach prevention programs and material gaps in their information security program.

System Reputation

The System Reputation domain enumerates systems owned by the company that are communicating with monitored C2 servers, sinkholes, honeypots, or are exhibiting other hostile activity. System Reputation contains 7 criteria: Command and Control Servers, Botnets Hosts, Hostile Hosts: Hacking, Hostile Hosts: Scanning, Phishing Sites, Other Blacklisted Hosts, and Spamming Hosts.

Email Security

The Email Security domain analyzes the security configuration of email services. Email servers should be configured to encrypt email communications to protect email messages from unauthorized access. Domains should be configured to prove the authenticity of email messages to prevent spoofing. Email Security contains 3 criteria: Command and Control Servers, Email Encryption (STARTTLS), and Email Hosting Providers.

DNS Security

The DNS Security domain assesses the use of controls that prevent unauthorized modification of domain records, which can result in domain hijacking. This domain also enumerates the DNS hosting providers to determine the level of fragmentation. Control of DNS records is essential to keeping systems accessible.

System Hosting

The System Hosting domain provides insight into the Internet attack surface of the company. In this domain, RiskRecon rates two criteria: the degree of system hosting fragmentation and the use of shared IP address hosting. Hosting Geolocations are informational only.