You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-iot/organizations/how-to-create-risk-assessment-reports.md
+4-2Lines changed: 4 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,6 +9,8 @@ ms.topic: how-to
9
9
10
10
Risk assessment reports, generated by Defender for IoT OT network sensors and on-premises management consoles, provide details about security scores, vulnerabilities, and operational issues on detected devices as well as risks coming from imported firewall rules.
11
11
12
+
## Risk mitigation
13
+
12
14
Take action based on the recommendations provided in the risk assessment reports to improve your overall network security score. For example, you might install the latest security or firmware updates, or investigate any PLCs that are currently in unsecure states.
13
15
14
16
Each sensor has access to reports generated for that sensor, while the on-premises management console allows you view reports from all connected sensors from the same page. The on-premises management console also supports customizations for the logo that appears in your report.
@@ -83,8 +85,8 @@ Risk assessment reports include the following details:
83
85
84
86
|Details |Description |
85
87
|---------|---------|
86
-
|**Security scores**| An overall security score for all detected devices, and a security score for each individual device. <br><br> Security scores are based on data learned from packet inspection, behavioral modeling engines, and a SCADA-specific state machine design, and are categorized as follows: <br> - **Secure Devices** are devices with a security score above 90%. <br> - **Devices Needing Improvement** are devices with a security score between 70 percent and 89%. <br> - **Vulnerable Devices** are devices with a security score below 70%. |
87
-
|**Security and operational issues**| Insight into any of the following security and operational issues: <br><br> - Configuration issues <br> - Device vulnerability, prioritized by security level <br> - Network security issues <br> - Network operational issues - Connections to ICS networks <br> - Internet connections <br> - Industrial malware indicators <br> - Protocol issues <br> - Attack vectors |
88
+
|**Security scores**| An overall security score for all detected devices, and a security score for each individual device. <br><br> Security scores are based on data learned from packet inspection, behavioral modeling engines, and a SCADA-specific state machine design, and are categorized as follows: <br><br> - **Secure Devices** are devices with a security score above 90%. <br> - **Devices Needing Improvement** are devices with a security score between 70 percent and 89%. <br> - **Vulnerable Devices** are devices with a security score below 70%. |
89
+
|**Security and operational issues**| Insight into any of the following security and operational issues: <br><br> - Configuration issues <br> - Device vulnerability, prioritized by security level <br> - Network security issues <br> - Network operational issues <br> - Connections to ICS networks <br> - Internet connections <br> - Industrial malware indicators <br> - Protocol issues <br> - Attack vectors |
88
90
|**Firewall rule risk**| If you've imported firewall data to your sensor, the risk assessment reports also include data about firewall rule risk, based on the imported rules. The Risk Assessment report highlights if a rule is not secure, or if there's a mismatch between the rule and the monitored network. |
0 commit comments