Security Score Calculation

Description

Security scores are automatically calculated and presented with a name and color.

How security scores are calculated

Antivirus

If the antivirus engine is not running, the security score is Poor

If the antivirus engine is running, but the virus definition updates are not up to date, the security score is Fair

If the antivirus engine is running, and the virus definition updates are up to date, the security score is Good

If the necessary information cannot be collected, the security score is None

Drivers

If the hardware model is supported and the drivers are up to date, the security score is Updated

If the hardware model is supported and the drivers are not up to date, the security score is Outdated

If the hardware model is not supported or necessary information is missing, the security score is None *

💡 Drivers are matched against the repository with driver packs provided by CapaOne Drivers and are only shown on the Security Summary dashboard

Encryption

If the boot drive is not encrypted, the security score is Poor

If the boot drive is encrypted, and no data drives exists, the security score is Good

If the boot drive is encrypted, but one or more data drives are not encrypted, the security score is Fair

If the boot drive is encrypted, and all data drives are encrypted, the security score is Good

If the necessary information cannot be collected, the security score is None

💡 Drive lock status does not effect the security score

Firewall

If a network connection is connected, and the software firewall is not active, the security score is Poor

If a network connection is connected, and the software firewall is active, the security score is Good

If the necessary information cannot be collected, the security score is None

Local Administrators

It’s not possible to calculate a security score based on the number of local administrators on endpoints.

Instead, the number of local administrators on each endpoint is shown.

Pending Reboot

If no reboots are pending, the security score is Good

If a reboot is pending, the security score depends on the reboot severity.

Blocks other installations = Fair
Security patches awaits activation = Fair
Computer has been renamed = Poor
The computer awaits domain join = Poor

If the necessary information cannot be collected, the security score is None

Software

If an installed application is supported and up to date, the security score is Updated

If an installed application is supported but not up to date, the security score is Outdated

If the necessary information cannot be collected, the security score is None

💡 Software is matched against the repository with applications provided by CapaOne Updater and is only shown on the Security Summary dashboard

Windows Update

If an update is installed, the security score is Good

If an updates is not installed, and the update is optional, the security score is Good

If an update is not installed, and a CVE article is linked to the update, the security score is Poor

If an update is not installed, and the update is not optional, and a CVE article is not linked, the security score depends on the MSRC Severity Rating

Critical or Important = Poor
Moderate, Low or None = Fair

If the necessary information cannot be collected, the security score is None

Recommendations

In general, higher security scores indicates a more secure system. A security score of Goodindicates that the system is well-protected, while a security score of Poor indicates that the system is more vulnerable to attacks.

Here are some recommendations to improve security scores :

Keep the antivirus software up to date
Encrypt all hard drives
Enable the software firewall
Limit the number of local administrators
Reboot regularly
Install available Windows updates

🎯 By following the recommendations, security scores can be improved and make the system less vulnerable to attacks!