Remote Monitoring & Management Help

RI Data Breach Scan - Data Breach Risk Report

The Expanded Data Breach Risk Report is based on the information returned from the RI Expanded Data Breach Scan. This contains details of any discovered vulnerabilities and unprotected data, the results of the Technical Safeguards Check, along with the Potential Liability monetary value of any data loss.

Device Details

The first section provides basic information on the date and time the Assessment Completed, along with Device identifiers including its IP address, Host name and Operating System Platform.

Please note that each of the following sections incorporates the option to expand to view this section and collapse to hide.

Unprotected Data Summary

Contains the overall state Pass or Fail, a chart of the Unprotected Data Count by Type along with the monetary Potential Liability of this unprotected data if it were to fall into the wrong hands.

Information on the scan's Elapsed Time, Files Scanned, Files with Violation and Total Violations are also included within this section.

Vulnerability Summary

Displays the overall state Pass or Fail, a chart of showing the discovered Vulnerability Count by Severity and the summary Percentage of Vulnerabilities by Vendor (where available).

Click details in the section header to open the Vulnerability Details whilst clicking details against a vendor opens Vulnerability by Vendor Details focused on their section.

Details about Scoring

CVSS (Common Vulnerability Scoring System) provides standardised scoring with each vulnerability assigned a severity of High, Medium or Low.

A vulnerability with a High level of severity will fail PCI compliance whereas vulnerabilities with Medium or Low severity levels will generally pass PCI compliance.

CVSS Score

Severity

7.0 - 10.0

High

4.0 - 6.9

Medium

0.0 - 3.9

Low

Technical Safeguards Summary

Shows the overall state Pass or Fail, along with the number of settings that do or do not meet common baseline configurations (Compliant or Not Compliant).

Unprotected Data Details

Lists each of the discovered Unprotected Data elements discovered by the scan.

This section includes two file handling options, Edit Exclusion List allows to you create Custom Exclusions and ignore the selected file in future scans. With Create File Removal Script you can create a File Removal Script run to run on the target device and delete the selected file.

To view details of the discovered items you can expand each row individually or click to expand all rows with any identifiable information obfuscated.

As there may be a large volume of data discovered as part of this scan, we have included the filter options to return targeted information based on the selected data type: Default Data (all), Bank, Cards,DOB (Date of Birth), Licenses or SSN (social security type numbers).

Additionally there are pagination options to allow you to quickly and easily navigate between pages.

To export all the information from this section, regardless of filtering, click Download CSV data here.

ri_unprotected_filter

Technical Safeguards Details

Provides a list of the queried safeguards queried and whether the device was Compliant or Not Compliant. For information, each safeguard includes a summary of its purpose.

Unprotected Data Scan Statistics

Provides information on the scan including its Elapsed Time, the Volumes Scanned, Files Scanned, Files With Suspect Data, Bytes Scanned and Suspected Instanced Found.

Vulnerabilities by Vendor Details

Where available this section contains details of those vendors where a vulnerability and / or missing patch was discovered for their products, including a list of potential fixes. To provide an indication of issue coverage for each of these vendors, the percentage of issues in the Report that are related to this vendor is also displayed.

Click a link in this section to open Vulnerability by Vendor Details focused on this vulnerability.

Vulnerability Details

List information on the discovered vulnerabilities along with their CVSS score and an External Identifiers vendor reference and / or link to the National Vulnerability Database for additional details. To export the information from this section click Download CSV data here.

Network Port Details

Returns the open and listening TCP/IP Network Ports on the device and a link to the IANA Port References.

View as PDF

To view the Report as a PDF simply click the PDF Version to open the PDF Report in a new window. Please note that the PDF version contains the Unprotected Data Summary, Vulnerability Summary, Unprotected Data Details, Unprotected Data Scan Statistics, Vulnerabilities by Vendor Details and Network Port Details.

Download as CSV

It may be useful to view or utilize the data sets outside of the report, for example as part of a customer presentation or in your own custom reports. As such, we have included the ability to export a selection of sections to CSV. Where available for a section, click the Download CSV data here button to initiate the transfer.

expanded_data_breach1

Please note that we are not responsible for the content of external sites.