• EnglishEspañol日本語한국어Português
  • Log inStart now

Understanding vulnerability prioritization

This document covers:

  • Where to find priority ranks in Vulnerability Management
  • What data factors into the priority ranks of vulnerabilities

Viewing priority rank in Vulnerability Management

one.newrelic.com > All capabilities > Vulnerability Management > (select vulnerabilities tab)

The priority ranking is based on all known data about a vulnerability. The Reason to prioritize column is a summary and weighting of key CVSS (Common Vulnerability Scoring System), EPSS (Exploit Prediction Scoring System), IAST confirmed findings, and known active ransomware data.

Data influencing priority rank

Example of ranking logic

A vulnerability that's "high" severity with an EPSS of "exploit probable" might rank higher than a vulnerability with a "critical" severity with an EPSS level that's lower than an 85th percentile probability of exploitation.

Copyright © 2024 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.