The Cortex Xpanse Security Rating represents the overall hygiene of an organization’s external-facing attack surface and the risk of a breach originating from external-facing assets.
The Cortex Xpanse Security Rating represents the overall hygiene of an organization’s external-facing attack surface and the risk of a breach originating from external-facing assets.
Your Security Rating is calculated as a weighted average of risk scores for all incidents on your attack surface, weighing heavily on exploitable vulnerabilities. It uses all high and medium-severity attack surface rules to identify vulnerabilities, regardless of incident status or whether the attack surface rule is enabled. Additionally, the calculation uses the default severity setting of attack surface rules, so changing the severity of attack surface rules will not impact your Security Rating. Low-severity attack surface rules are excluded from the calculation.
This method of calculating the Security Rating enables you to compare your organization's security posture against industry peers of various sizes. Additionally, you can use it to compare different business units or cloud providers within your organization.
The Security Rating can range from 0 to 100, with a higher score indicating a more secure attack surface. It's updated daily to account for resolved incidents and new risks identified on your attack surface. By focusing your remediation efforts on high-risk incidents based on their risk scores, you can reduce risk in your attack surface and improve your Security Rating over time.
Your Security Rating is displayed in Expander on the Security Rating Dashboard, which provides actionable information to enable you to track and improve your Security Rating. The Security Rating Dashboard displays the following information:
Your overall Security Rating, with a high-level summary of the providers and region with the highest risk
Your Security Rating compared to your industry peers
Your Security Rating trend over the last 90 days
Your Security Rating broken down by business unit, geo-IP location, and hosting provider
A list of your highest risk incidents, so you can focus your remediation efforts where they will have the most significant impact
To view the Security Rating Dashboard, go to
→What is the difference between a Security Rating and a Risk Score?
The Cortex Xpanse Security Rating represents the overall hygiene of an organization’s external-facing attack surface and the risk of a breach originating from external-facing assets. The Security Rating applies to an organization and is broken down by business units, geolocation, and hosting providers to provide a comprehensive view of an organization's attack surface security posture. A higher Security Rating indicates a more secure attack surface.
A Risk Score applies to an incident. Cortex Xpanse assigns every incident a Risk Score based on threat and exploit intelligence. Risk scores enable you to prioritize incidents and focus your remediation efforts. A higher Risk Score indicates a higher risk incident. Xpanse calculates your Security Rating using a weighted average of the Risk Scores for all incidents on your attack surface. See Risk Scoring for more information.