Skip to content

Commit d6cdec8

Browse files
Shereen-BharShereen-Bhar
committed
bullets to table
1 parent dd9d8c7 commit d6cdec8

File tree

1 file changed

+6
-30
lines changed

1 file changed

+6
-30
lines changed

articles/defender-for-iot/organizations/how-to-create-risk-assessment-reports.md

Lines changed: 6 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ Each sensor has access to reports generated for that sensor, while the on-premis
1515

1616
## Prerequisites
1717

18-
- You must be an **Admin** user to import firewall rules to an OT sensor or add backup and anti-virus server addresses. <!--need to check this-->.
18+
- You must be an **Admin** user to import firewall rules to an OT sensor or add backup and anti-virus server addresses.
1919

2020
- You must be an **Admin** or **Security Analyst** user to create or view risk assessment reports on the OT sensor or on-premises management console.
2121

@@ -81,35 +81,11 @@ Use an on-premises management console to create and view risk assessment reports
8181

8282
Risk assessment reports include the following details:
8383

84-
- An overall security score for all detected devices, and a security score for each individual device.
85-
86-
Security scores are based on data learned from packet inspection, behavioral modeling engines, and a SCADA-specific state machine design, and are categorized as follows:
87-
88-
- **Secure Devices** are devices with a security score above 90%.
89-
90-
- **Devices Needing Improvement**: Devices with a security score between 70 percent and 89%.
91-
92-
- **Vulnerable Devices** are devices with a security score below 70%.
93-
94-
- Insight into any of the following security and operational issues:
95-
96-
:::row:::
97-
:::column span="":::
98-
- Configuration issues
99-
- Device vulnerability, prioritized by security level
100-
- Network security issues
101-
- Network operational issues
102-
:::column-end:::
103-
:::column span="":::
104-
- Connections to ICS networks
105-
- Internet connections
106-
- Industrial malware indicators
107-
- Protocol issues
108-
- Attack vectors
109-
:::column-end:::
110-
:::row-end:::
111-
112-
If you've imported firewall data to your sensor, the risk assessment reports also include data about firewall rule risk, based on the imported rules. The Risk Assessment report highlights if a rule is not secure, or if there's a mismatch between the rule and the monitored network.
84+
|Details |Description |
85+
|---------|---------|
86+
| **Security scores** | An overall security score for all detected devices, and a security score for each individual device. <br><br> Security scores are based on data learned from packet inspection, behavioral modeling engines, and a SCADA-specific state machine design, and are categorized as follows: <br> - **Secure Devices** are devices with a security score above 90%. <br> - **Devices Needing Improvement** are devices with a security score between 70 percent and 89%. <br> - **Vulnerable Devices** are devices with a security score below 70%. |
87+
| **Security and operational issues** | Insight into any of the following security and operational issues: <br><br> - Configuration issues <br> - Device vulnerability, prioritized by security level <br> - Network security issues <br> - Network operational issues - Connections to ICS networks <br> - Internet connections <br> - Industrial malware indicators <br> - Protocol issues <br> - Attack vectors |
88+
| **Firewall rule risk** | If you've imported firewall data to your sensor, the risk assessment reports also include data about firewall rule risk, based on the imported rules. The Risk Assessment report highlights if a rule is not secure, or if there's a mismatch between the rule and the monitored network. |
11389

11490
## Next steps
11591

0 commit comments

Comments
 (0)