Evaluate your company's exposure to CVEs and how you compare to global averages.
To better assist you in determining and responding to your company's vulnerabilities,
Trend Micro designed certain metrics to complement each other for
greater clarity.
The Highly-Exploitable CVE Density and Vulnerable Endpoint Percentage work together
to help you
tailor your response to vulnerable endpoint threats. The Vulnerable Container Cluster
Percentage
adds context regarding your exposure to CVEs in containers.
Metric
|
Description
|
Example
|
||
Highly-Exploitable CVE Density
|
Calculated from the total number of detected highly-exploitable CVEs divided by the
total
number of endpoints with Vulnerability Assessment enabled (Total highly-exploitable
CVEs /
Total endpoints with Vulnerability Assessment)
Highly-Exploitable CVE Density calculations occur daily. Weekly and monthly averages
use a
simple average calculation based off the daily values.
|
Total endpoint count: 3
Highly-exploitable CVE density (Total highly-exploitable CVEs / Total endpoints with
Vulnerability Assessment):
(2+4+0) / 3 = 2.0
|
||
Vulnerable Endpoint Percentage
|
Calculated from the total number of endpoints with detected highly-exploitable CVEs
divided by the total number of endpoints with Vulnerability Assessment enabled (Total
endpoints with vulnerabilities / Total endpoints with Vulnerability Assessment * 100).
Vulnerable Endpoint Percentage calculations occur daily. Weekly and monthly averages
use a
simple average calculation based off the daily values.
|
Vulnerable Endpoint Percentage (Total endpoints with vulnerabilities / Total endpoints
with Vulnerability Assessment * 100):
5 / 25 * 100 = 20%
|
||
Vulnerable Container Cluster Percentage
|
Calculated by dividing the total number of container clusters with detected
highly-exploitable CVEs by the total number of container clusters with Vulnerability
Assessment enabled (Total container clusters with vulnerabilities / Total container
clusters
with Vulnerability Assessment * 100).
Vulnerable Container Cluster Percentage calculations occur daily. Weekly and monthly
averages use a simple average calculation based off the daily values.
|
Vulnerable Container Cluster Percentage (Total container clusters with vulnerabilities
/
Total container clusters with Vulnerability Assessment * 100):
13 / 37 * 100 = 35%
|
||
Vulnerable Cloud VM Percentage
|
Calculated by dividing the total number of cloud VMs with detected highly-exploitable
CVEs
by the total number of cloud VMs with Vulnerability Assessment enabled (Total cloud
VMs with
vulnerabilities / Total cloud VMs with Vulnerability Assessment * 100).
Vulnerable Cloud VM Percentage calculations occur daily. Weekly and monthly averages
use a
simple average calculation based off the daily values.
|
Vulnerable Cloud VM Percentage (Total cloud VMs with vulnerabilities / Total cloud
VMs
with Vulnerability Assessment * 100):
20 / 100 * 100 = 20%
|
||
Vulnerable Image Percentage
|
Calculated by dividing the total number of container images with detected
highly-exploitable CVEs by the total number of container images with Vulnerability
Assessment enabled (Total container images with vulnerabilities / Total container
images
with Vulnerability Assessment * 100).
|
Vulnerable Image Percentage (Total container images with vulnerabilities / Total container
images with Vulnerability Assessment * 100):
25 / 100 * 100 = 25%
|
![]() |
Important
|
Example Scenario
Company A
|
Company B
|
|
|
Even though the CVE Density values for both companies are the same (10.2), the risk
profiles are very different.
Examining both metrics can help a company determine the best method to reduce the
CVE
vulnerability.
|