RI Data Breach Scan - Data Breach Risk Report
The Expanded Data Breach Risk Report is based on the information returned from the RI Expanded Data Breach Scan. This contains details of any discovered vulnerabilities and unprotected data, the results of the Technical Safeguards Check, along with the Potential Liability monetary value of any data loss.
The first section provides basic information on the date and time the Assessment Completed, along with Device identifiers including its IP address, Host name and Operating System Platform.
Unprotected Data Summary
Contains the overall state Pass or Fail, a chart of the Unprotected Data Count by Type along with the monetary Potential Liability of this unprotected data if it were to fall into the wrong hands.
Information on the scan's Elapsed Time, Files Scanned, Files with Violation and Total Violations are also included within this section.
Displays the overall state Pass or Fail, a chart of showing the discovered Vulnerability Count by Severity and the summary Percentage of Vulnerabilities by Vendor (where available).
Click details in the section header to open the Vulnerability Details whilst clicking details against a vendor opens Vulnerability by Vendor Details focused on their section.
Details about Scoring
CVSS (Common Vulnerability Scoring System) provides standardised scoring with each vulnerability assigned a severity of High, Medium or Low.
A vulnerability with a High level of severity will fail PCI compliance whereas vulnerabilities with Medium or Low severity levels will generally pass PCI compliance.
7.0 - 10.0
4.0 - 6.9
0.0 - 3.9
Technical Safeguards Summary
Shows the overall state Pass or Fail, along with the number of settings that do or do not meet common baseline configurations (Compliant or Not Compliant).
Unprotected Data Details
Lists each of the discovered Unprotected Data elements discovered by the scan.
This section includes two file handling options:
- Edit Exclusion List, create Custom Exclusions and ignore the selected file in future scans.
- Create File Removal Script, create a File Removal Script to run on the target device and delete the selected file.
To view details of the discovered items you can expand each row individually or click to expand all rows with any identifiable information obfuscated.
As there may be a large volume of data discovered as part of this scan, we have included the filter options to return targeted information based on the selected data type: Default Data (all), Bank, Cards,DOB (Date of Birth), Licenses or SSN (social security type numbers).
Additionally there are pagination options to allow you to quickly and easily navigate between pages.
To export all the information from this section, regardless of filtering, click Download CSV data here.
Technical Safeguards Details
Provides a list of the queried safeguards queried and whether the device was Compliant or Not Compliant. For information, each safeguard includes a summary of its purpose.
Unprotected Data Scan Statistics
Provides information on the scan including its Elapsed Time, the Volumes Scanned, Files Scanned, Files With Suspect Data, Bytes Scanned and Suspected Instanced Found.
Vulnerabilities by Vendor Details
Where available this section contains details of those vendors where a vulnerability and / or missing patch was discovered for their products, including a list of potential fixes. To provide an indication of issue coverage for each of these vendors, the percentage of issues in the Report that are related to this vendor is also displayed.
Click a link in this section to open Vulnerability by Vendor Details focused on this vulnerability.
List information on the discovered vulnerabilities along with their CVSS score and an External Identifiers vendor reference and / or link to the National Vulnerability Database for additional details. To export the information from this section click Download CSV data here.
Network Port Details
Returns the open and listening TCP/IP Network Ports on the device and a link to the IANA Port References.
View as PDF
To view the Report as a PDF simply click the PDF Version to open the PDF Report in a new window. Please note that the PDF version contains the Unprotected Data Summary, Vulnerability Summary, Unprotected Data Details, Unprotected Data Scan Statistics, Vulnerabilities by Vendor Details and Network Port Details.
Download as CSV
It may be useful to view or utilize the data sets outside of the report, for example as part of a customer presentation or in your own custom reports. As such, we have included the ability to export a selection of sections to CSV. Where available for a section, click the Download CSV data here button to initiate the transfer.
Please note that we are not responsible for the content of external sites.