# Exposure Score Levels

The results of a completed pentest are assigned an exposure level based on the type of test (Internal versus External), and on the weaknesses and impacts found during the test. The following tables define the exposure levels for each test type:
## Internal Pentests
| Exposure Score | Reasons for This Score |
|---|---|
| Critical | Any of the discovered impacts fall into one of these categories: Domain Compromise, AWS Account Compromise, AWS User Compromise, Azure AD User Compromise, Business Email Compromise; OR 20% of the discovered hosts have a host compromise impact. |
| High | One or more impacts OR at least one critical weakness discovered. |
| Medium | No impacts discovered AND one or more high weaknesses discovered. |
| Low | No impacts discovered AND one or more medium or low weaknesses discovered. |
| None | No weaknesses or impacts discovered. |
## External Pentests
| Exposure Score | Reasons for This Score |
|---|---|
| Critical | Any impact EXCEPT Sensitive Data Exposure or Brand Compromise. |
| High | One or more impacts discovered OR at least one weakness discovered with context score >= 5.0. |
| Medium | No impacts discovered AND at least one weakness discovered with context score between 3.0 and 5.0. |
| Low | No impacts discovered AND at least one weakness with context score <= 3.0. |
| None | No weaknesses or impacts discovered. |
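The two tables above are a rule set evaluated top to bottom; the added example below (not NodeZero's own code) implements them as plain functions so the outcome of a given set of findings can be checked. It assumes that "20% of the discovered hosts" means at least 20%, that each impact is passed as one entry in a list of impact type names, and that the boundary scores 3.0 and 5.0 are resolved by the first matching row.

```python
# Constructed example implementing the internal and external exposure tables.
# Function and constant names are hypothetical, not NodeZero identifiers.

INTERNAL_CRITICAL_IMPACTS = {
    "Domain Compromise", "AWS Account Compromise", "AWS User Compromise",
    "Azure AD User Compromise", "Business Email Compromise",
}
# Impacts that do NOT by themselves make an external pentest Critical.
EXTERNAL_NON_CRITICAL_IMPACTS = {"Sensitive Data Exposure", "Brand Compromise"}


def internal_exposure(impacts, weakness_severities, hosts_discovered):
    """impacts: list of impact type names, one entry per impact instance.
    weakness_severities: set of 'critical'/'high'/'medium'/'low' seen.
    hosts_discovered: number of hosts enumerated during the test."""
    if INTERNAL_CRITICAL_IMPACTS & set(impacts):
        return "Critical"
    # Assumption: "20% of the discovered hosts" is read as at least 20%.
    compromised = impacts.count("Host Compromise")
    if hosts_discovered and compromised / hosts_discovered >= 0.20:
        return "Critical"
    if impacts or "critical" in weakness_severities:
        return "High"
    if "high" in weakness_severities:
        return "Medium"
    if weakness_severities & {"medium", "low"}:
        return "Low"
    return "None"


def external_exposure(impacts, context_scores):
    """impacts: list of impact type names.
    context_scores: list of context scores, one per discovered weakness."""
    if any(i not in EXTERNAL_NON_CRITICAL_IMPACTS for i in impacts):
        return "Critical"
    if impacts or any(s >= 5.0 for s in context_scores):
        return "High"
    # Rows are evaluated top down, so scores >= 5.0 are already handled;
    # a score of exactly 3.0 lands here (Medium) rather than in Low.
    if any(s >= 3.0 for s in context_scores):
        return "Medium"
    if context_scores:  # only scores below 3.0 remain
        return "Low"
    return "None"
```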
## Determining Overall Exposure
NodeZero reports an overall exposure level based on a composite of the highest score of each finding, and the corresponding pentest type (internal or external). We score external pentests more severely than internal pentests, due to the extra exposure risk. Because this is a weighted determination, the overall exposure score might be higher or lower than the highest individual severity finding in a given pentest.