diff --git a/docs/platform/security/customize/risk.mdx b/docs/platform/security/customize/risk.mdx new file mode 100644 index 000000000..e5a5061fd --- /dev/null +++ b/docs/platform/security/customize/risk.mdx @@ -0,0 +1,49 @@ +--- +title: Customize How Risk Factors Affect Asset Scores +sidebar_label: Customize Risk Factors +sidebar_position: 10 +description: Mondoo considers multiple contextual risk factors when evaluating the security of your assets. To customize per your business's security priorities, you can choose which contextual risk factors affect your assets' scores. +image: /img/featured_img/mondoo-feature.jpg +--- + +Mondoo considers multiple [contextual risk factors](https://mondoo.com/docs/platform/security/posture/findings/#factor-contextual-risk) when evaluating the security of your assets. To customize per your business's security priorities, you can choose which contextual risk factors affect your assets' scores. + +For a finer degree of control over the impact that risk factors have on asset scores, you can choose not only _whether_ a risk factor affects scores, but _how much_ a risk factor affects scores. + +The settings you choose to customize risk factors apply to all assets in the space. If you have multiple spaces, any risk customization you make in one space doesn't affect other spaces. + +import Partial from "../../partials/_editor-owner.mdx"; + +{" "} + +## Choose which risk factors affect security scores + +1. In the [Mondoo Console](https://console.mondoo.com), [navigate](/platform/start/navigate) to the space you want to customize. + +2. In the side navigation bar, select **Settings**. + +3. Select the **Security Model** tab. + + ![Customize how risk factors affect asset scores in Mondoo](/img/platform/security/custom-risk.png) + +4. In the list of risk factors, enable or disable the toggle beside a risk factor: + + - An enabled toggle (purple, with the switch to the right) indicate that the risk factor does affect the security scores of assets in the space. + + - A disabled toggle, (white, with the switch to the left) indicate that the risk factor does not affect the security scores of assets in the space. + + Changes take place immediately. + +## Choose how much different risk factors affect security scores + +1. In the [Mondoo Console](https://console.mondoo.com), [navigate](/platform/start/navigate) to the space you want to customize. + +2. In the side navigation bar, select **Settings**. + +3. Select the **Security Model** tab. + +4. Select the **SHOW ADVANCED SETTINGS** button. + + ![Customize how much risk factors affect asset scores in Mondoo](/img/platform/security/custom-risk-advanced.png) + +5. diff --git a/docs/platform/security/posture/findings.mdx b/docs/platform/security/posture/findings.mdx index b04ebea8c..1bd4dbcd0 100644 --- a/docs/platform/security/posture/findings.mdx +++ b/docs/platform/security/posture/findings.mdx @@ -46,6 +46,8 @@ These are the contextual risk factors that Mondoo uses when calculating risk: Contextual risk factors allow Mondoo to more accurately assess the risk of a finding because they consider the asset, the environment in which the finding exists. +You can customize the degree of impact that different risk factors have on asset security scores. To learn how, read [Customize How Risk Factors Affect Asset Scores](/platform/security/customize/risk/). + ## Blast radius The _blast radius_ of a finding is the impact that the finding has on a space. Mondoo can expose the same finding on multiple assets in a space. It calculates blast radius of the finding using the risk scores of all of the assets in the space that have that finding.