Davis Assessment

In the following, you'll learn about the factors considered when assessing a vulnerability:

Public internet exposure

Public internet exposure is one of the risk factors taken into consideration when determining the Davis Security Score.

If there is public internet exposure, it means that vulnerabilities affect at least one process that is exposed to the internet.

Possible states

  • Public network: There is public internet exposure.
  • Not detected: No public internet exposure was found.
  • Not available: Data isn't available, because the related hosts aren't running in Full-Stack Monitoring mode. For details, see Monitoring modes.

Use case

Filter vulnerabilities by Davis Assessment > Public internet exposure.

FAQ

How is public internet exposure determined?

Reachable data assets

Reachable data assets are one of the risk factors taken to consideration when determining the Davis Security Score. If there are any reachable data assets affected it means that vulnerabilities affect at least one process that has database access (runs a database service).

Possible states

  • Within range: There are reachable data assets affected.
  • None within range: There are no reachable data assets within range.
  • Not available: Data isn't available, because the related hosts aren't running in Full-Stack Monitoring mode. For details, see Monitoring modes.

Use cases

Vulnerable functions

Third-party vulnerabilities

Vulnerable functions are one of the risk factors to consider when evaluating a vulnerability (yet they are not considered for the DSS calculation).

If there are any vulnerable functions in use, there is at least one process using a vulnerable function (this might indicate a higher exploitation risk).

Possible states

Key concepts

Class

The class that contains the vulnerable function related to the vulnerability.

  • Example: org.apache.http.client.utils.URIUtils
Function usage

Shows whether the vulnerable function is being used by your application. Based on whether your application uses the vulnerable function, you can assess the impact on your environment. The usage of a vulnerable function is calculated on the process level and is aggregated to the process group level, which results in a count of affected process groups per function.

  • Examples: In use, Not in use, Not available

Use cases

FAQ

Public exploit

Third-party vulnerabilities

Public exploit is one of the risk factors to be considered when assessing a vulnerability. If there is any public exploit published, it means that malicious code to exploit this vulnerability is available on the internet.

Possible states

  • Public exploit published: A publicly known exploit for this vulnerability is available.
  • No public exploit published: No publicly known exploit for this vulnerability is available.

Use case

Filter vulnerabilities by Davis Assessment > Public exploit published.

Assessment mode

Assessment mode determines whether detailed analysis is possible based on your monitoring mode.

Possible states

  • Full: All process group instances are monitored in Full-stack monitoring mode.
  • Reduced: Detailed assessment isn't possible because at least one process group instance isn't monitored in Full-stack monitoring mode.
    • How this affects the DSS calculation: The context of internet exposure or reachable data assets cannot be examined due to the lack of information, thus the DSS score can't be lowered.
    • When Full-Stack Monitoring isn't enabled, an alert is displayed on the details page of a vulnerability.
  • Not available: The vulnerability is resolved.

Use case

Filter for Davis Assessment > Assessment mode.