FORTIS Logic

Overview

This page provides an explanation of how Risk Scores are calculated for various cybersecurity-related reports in Power BI. These scores are designed to help prioritize security events based on severity, action type, and IP classifications.

Risk Score Range

5 Critical

Detected malware or direct threat activity.

4 High

Strong indicators of potentially malicious behavior.

3 Medium

Suspicious behavior needing further investigation.

2 Low

Benign but logged for visibility.

1 Informational

General activity.

Condition Risk Score
[Firewall Action] is "detected" AND [Event Type] is NOT in the excluded list* 5
[Firewall Action] is "monitored" AND [Event Type] is NOT in the excluded list* 5
[Firewall Action] is "passthrough" AND [Event Type] is NOT in the excluded list* 5
[Firewall Action] is "blocked" AND both Source & Destination IPs are private 4
[Firewall Action] is "dropped" AND both Source & Destination IPs are private 4
[Firewall Action] is "blocked" (all other cases) 2
[Firewall Action] is "dropped" (all other cases) 2
Anything else 1
No Logs 1

Excluded Event Types*

  • FortiGate-antivirus-file-oversize
  • FortiGate-antivirus-scan-archive-oversize-notif
  • FortiGate-antivirus-scan-archive-corrupted-notif
  • FortiGate-antivirus-file-submitted
  • FortiGate-antivirus-scan-archive-multipart-notif
  • FortiGate-antivirus-file-monitored

Anti-Malware Report - Key Conditions

Application Control Report - Key Conditions

Firewall Action AppCtrl Security Risk Count Risk Score
Pass Yes > 10,000 5
Pass Yes ≤ 10,000 4
Block Yes Any 3
Block No Any 2
Pass No Any 1
No Logs N/A Any 5

Is Your Business Vulnerable Against Cyber Threats?

Most organizations are unaware of cybersecurity threats and what steps to take when there is a breach. Cyber attacks compromise valuable data, including corporate and financial information. For businesses that deal directly with customers, a cyber attack can result in loss of sales and reputational damage.

Organizations that want to protect their data require cybersecurity assessments to uncover gaps between what is in place and what is required by the framework.

LCM works with industry leading cybersecurity frameworks to provide the best possible analysis of your current level of security. Our team of experts can customize cybersecurity assessments based on your specific business, customer, or partner requirements.

Are you protected?

Connect with our experts to start your Cybersecurity Assessment.

 LCM -A Leader In Security

Stay updated with the latest news and trends in cybersecurity

Cybersecurity Blog | LCM Security
Happy Holidays from The LCM Team
Happy Holidays from The LCM Team

LCM wishes our clients Happy Holidays and a prosperous New Year. We look forward to working with you in 2023 and helping you meet your cybersecurity goals

Read More →
Why Are Cybersecurity Assessments Important for Organizations?
Why Are Cybersecurity Assessments Important for Organizations?

There are thousands of cybersecurity vulnerabilities that threaten systems and software, with the potential to cause substantial financial losses for organizations. To protect against these vulnerabilities, organizations need to conduct regular cybersecurity assessments that identify IT security gaps.

Read More →
CIS Controls Version 8 Released
CIS Controls Version 8 Released

On May 18, 2020, the Center for Internet Security (CIS) released Version 8 of its CIS Controls. Formerly the SANS Critical Controls (SANS Top 20) and the CIS Critical Security Controls, the consolidated Controls are now officially called the CIS Controls.

Read More →