Erin Conry

The Malware Servers risk vector is an indication that a system is engaging in malicious activity, such as phishing, fraud, or scams. A company’s network is hosting malware that is meant to lure vis...

DNSSEC is a Diligence risk vector. It determines if a company is using the DNSSEC protocol, which is a public key encryption that authenticates DNS servers, and then assesses the effectiveness of i...

Each DNSSEC finding has a message shown in Findings as an individual entry, along with the associated IP address. The text in the remediation column is also available in the platform. Remediation i...

This article answers common questions about lifetime period logic and handling offline assets. It also explains how some risk vectors function differently Why do remediated findings still have a l...

The DMARC risk vector determines whether domains have a Domain-based Message Authentication, Reporting and Conformance (DMARC) policy or not and evaluates how effective it is at ensuring only verif...

The Web Application Headers risk vector is part of the Diligence risk category. It analyzes a variety of headers and their configurations to determine if security best practices are being followed....

⇤ How is the Diligence Risk Category Calculated?The Insecure Systems risk vector assessment is based on the supported/unsupported status and the level of risk that has been introduced to an organiz...

Each risk vector in the Diligence risk category is assessed and then normalized to account for company size. See how security ratings are calculated.WeightThe Diligence risk category accounts for 7...