BlackfishID

The security score indicates an organization’s exposure level based on active controls and unresolved alerts. It serves as an objective, visual real-time risk metric, helping security teams and stakeholders make informed decisions.

This metric aligns with the NIST Cybersecurity Framework, mapping controls and findings to the functions Identify, Protect, Detect, Respond, and Recover. Alignment with NIST ensures adherence to a recognized standard and eases audit and compliance processes.

Assessment of active controls: Review the status and effectiveness of each enabled security control.

Classification of pending alerts: Group unresolved alerts by severity level (critical, high, medium, low) and count their occurrences.

Aggregation with severity weighting: The algorithm penalizes more severe alerts more heavily, combining volume and criticality to yield a value between 0 and 100.

1. Assessment of active controls: Review the status and effectiveness of each enabled security control.
2. Classification of pending alerts: Group unresolved alerts by severity level (critical, high, medium, low) and count their occurrences.
3. Aggregation with severity weighting: The algorithm penalizes more severe alerts more heavily, combining volume and criticality to yield a value between 0 and 100.

High exposure. Requires immediate attention and urgent action.

Significant exposure. Prioritize remediation of serious alerts.

Moderate exposure. Maintain active monitoring and resolve outstanding issues.

Strong posture. Continue maintenance and monitoring.

- 0–32: Critical Risk
 High exposure. Requires immediate attention and urgent action.
- 33–65: High Risk
 Significant exposure. Prioritize remediation of serious alerts.
- 66–99: Medium Risk
 Moderate exposure. Maintain active monitoring and resolve outstanding issues.
- 100: Low Risk
 Strong posture. Continue maintenance and monitoring.

These ranges help quickly identify urgency level and guide resource allocation.

Clear visibility: Enables teams and leadership to instantly see security status.

Effort prioritization: Focuses resources on critical alerts that most affect the score.

Effective communication: Facilitates internal and external reporting with quantitative metrics.

Compliance and audit support: Demonstrates alignment with NIST and best practices, aiding regulatory reviews.

Benchmarking and evolution: Allows comparison of the score over time to measure the impact of improvement initiatives.

- Clear visibility: Enables teams and leadership to instantly see security status.
- Effort prioritization: Focuses resources on critical alerts that most affect the score.
- Effective communication: Facilitates internal and external reporting with quantitative metrics.
- Compliance and audit support: Demonstrates alignment with NIST and best practices, aiding regulatory reviews.
- Benchmarking and evolution: Allows comparison of the score over time to measure the impact of improvement initiatives.

By identifying and resolving alerts before they escalate, you reduce:

- Security breaches
- Data loss
- Operational disruptions
- Regulatory risks and penalties

Resolve alerts by severity: Prioritize critical alerts first, then address lower-severity issues.

Enable and strengthen controls: Ensure all available controls are active and properly configured.

Periodic reviews: Conduct internal audits of devices, configurations, and policies.

Response automation: Implement playbooks for early detection and remediation of new alerts.

Ongoing training: Educate teams on risk identification and best practices to reduce recurring alerts.

Real-time monitoring: Ensure any relevant change updates the score immediately, reflecting the actual posture.

- Resolve alerts by severity: Prioritize critical alerts first, then address lower-severity issues.
- Enable and strengthen controls: Ensure all available controls are active and properly configured.
- Periodic reviews: Conduct internal audits of devices, configurations, and policies.
- Response automation: Implement playbooks for early detection and remediation of new alerts.
- Ongoing training: Educate teams on risk identification and best practices to reduce recurring alerts.
- Real-time monitoring: Ensure any relevant change updates the score immediately, reflecting the actual posture.

The platform recalculates the score in real time as device states, alerts, and controls change. Whenever an alert is created or resolved, or a control is modified, the score updates instantly to reflect current exposure.

NIST-based score measuring real-time exposure to prioritize controls and prevent breaches via proactive management.

About the Security Score

Haz clic aquí para ver nuestro roadmap de funcionalidades.

Click here to view our feature roadmap.

Roadmap

Website

Legal Notice & Privacy Policy

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

About the Security Score

Introduction

NIST Basis

Score Calculation

Risk Ranges

Importance and Benefits

Incident Prevention

How to Improve the Score

Automatic Update