RI Data Breach Scan - Data Breach Risk Report
The Data Breach Risk Report is based on the information returned from the RI Data Breach Scan and contains details of any discovered vulnerabilities and unprotected data, along with the Potential Liability monetary value of any data loss.
The first section provides basic information on the date and time the Assessment Completed, along with Device identifiers including its IP address, Host name and Operating System Platform.
Please note that each of the following sections incorporates the option to expand to view this section and collapse to hide.
Unprotected Data Summary
Contains the overall state Pass or Fail, a chart of the Unprotected Data Count by Type along with the monetary Potential Liability of this unprotected data if it were to fall into the wrong hands.
Information on the scan's Elapsed Time, Files Scanned, Files with Violation and Total Violations are also included within this section.
Displays the overall state Pass or Fail, a chart of showing the discovered Vulnerability Count by Severity and the summary Percentage of Vulnerabilities by Vendor (where available).
Click details in the section header to open the Vulnerability Details whilst clicking details against a vendor opens Vulnerability by Vendor Details focused on their section.
Details about Scoring
CVSS (Common Vulnerability Scoring System) provides standardised scoring with each vulnerability assigned a severity of High, Medium or Low.
A vulnerability with a High level of severity will fail PCI compliance whereas vulnerabilities with Medium or Low severity levels will generally pass PCI compliance.
7.0 - 10.0
4.0 - 6.9
0.0 - 3.9
Unprotected Data Details
Lists each of the discovered Unprotected Data elements discovered by the scan.
This section includes two file handling options, Edit Exclusion List allows to you create Custom Exclusions and ignore the selected file in future scans. With Create File Removal Script you can create a File Removal Script run to run on the target device and delete the selected file.
To view details of the discovered items you can expand each row individually or click to expand all rows with any identifiable information obfuscated.
As there may be a large volume of data discovered as part of this scan, we have included the filter options to return targeted information based on the selected data type: Default Data (all), Bank, Cards,DOB (Date of Birth), Licenses or SSN (social security type numbers).
Additionally there are pagination options to allow you to quickly and easily navigate between pages.
To export all the information from this section, regardless of filtering, click Download CSV data here.
Unprotected Data Scan Statistics
Provides information on the scan including its Elapsed Time, the Volumes Scanned, Files Scanned, Files With Suspect Data, Bytes Scanned and Suspected Instanced Found.
Vulnerabilities by Vendor Details
Where available this section contains details of those vendors where a vulnerability and / or missing patch was discovered for their products, including a list of potential fixes. To provide an indication of issue coverage for each of these vendors, the percentage of issues in the Report that are related to this vendor is also displayed.
Click a link in this section to open Vulnerability by Vendor Details focused on this vulnerability.
List information on the discovered vulnerabilities along with their CVSS score and an External Identifiers vendor reference and / or link to the National Vulnerability Database for additional details. To export the information from this section click Download CSV data here.
Network Port Details
Returns the open and listening TCP/IP Network Ports on the device and a link to the IANA Port References.
View as PDF
To view the Report as a PDF simply click the PDF Version to open the PDF Report in a new window. Please note that the PDF version contains the Unprotected Data Summary, Vulnerability Summary, Unprotected Data Details, Unprotected Data Scan Statistics, Vulnerabilities by Vendor Details and Network Port Details.
Please note that we are not responsible for the content of external sites.