Utilize predictive risk score

Predictive risk scoring in Invicti Platform helps you prioritize your web assets prior to scanning by giving an indication of how likely each website is to have vulnerabilities.

This guide explains how to use Predictive risk scoring to order and filter your discovered web assets based on their Risk Score, so you can focus on scanning and fixing your most vulnerable websites first.  

Enable or disable Predictive risk scoring

To start using Predictive risk scoring, you first need to ensure that the feature is enabled in the Discovery Settings by following the steps below:

1. Select Discovery > Configuration from the left-side menu.
2. In the General section select Yes to enable or select No to disable the Predictive risk scoring.
3. Click Save.

Use Predictive risk scoring

Predictive risk scoring runs in the background as part of Discovery. Risk scores are displayed on the Website discovery page for each of the discovered web assets. Filtering and sorting your discovered web assets according to their risk score allows you to easily determine which sites to scan immediately and which sites can be scanned next.

View risk scores

1. Select Discovery > Website discovery from the left-side menu.
2. The Website Discovery page displays a table with details of each web asset that has been detected by Invicti.

3. The third column in the table displays the risk score for each web asset. The possible risk scores are:

• Critical: The site is predicted to have at least one critical severity vulnerability. 
• High: The site is predicted to have at least one high severity vulnerability.
• Medium: The site is predicted to have at least one medium severity vulnerability.
• Low: The site is predicted to have at least one low severity vulnerability.
• Undetermined: Invicti was unable to calculate a risk score for the site.
• Temporarily Offline: A risk score cannot be calculated at this time. Try again later.
• Scoring Queued: The risk score will be calculated soon and will update its state once complete.
• Refreshing Score: The risk score is being refreshed and will update its state once complete.

Filter by Risk Score

1. Click + Add a filter above the Discovery results table.
2. Select Risk score from the drop-down menu.

3. Select a risk score from the drop-down. Your web asset discovery results are now displayed according to the filter you specified.

4. To clear your filter settings, click Reset filters at the top of the Discovery table.

Sort by Risk Score

1. In the Website discovery results table heading bar, click on the Predictive risk score heading.
2. Your web asset discovery results are now displayed in ascending or descending priority order (depending on the direction of the arrow).

Refresh Risk Score results

1. Enable the checkboxes on the left of the Discovery results table to select web assets to refresh their Risk Score.
2. Click Bulk actions > Refresh Risk. This sends a new request to calculate the risk score prediction.

3. The Website discovery page will be reloaded, and the enabled websites will have the Refreshing score status until it's completed.

Create Targets for scanning

After using the Risk Score information to identify your most vulnerable web assets, you can create Targets for those web assets to immediately start scanning them for vulnerabilities. (For more information about targets, refer to the What is a target? document)

1. On the Website discovery page, use the checkboxes on the left of the table to select web assets to create Targets.
2. Click Add Target.

3. Add a Name for each new Target.
4. Click Add targets.

Your newly created targets are now displayed on the Inventory > Targets page.

If you now return to the Discovery page, the Domain column populates with the date and time when the Target was created for the listed web asset.

Further resources

For more information about scanning Targets, refer to the following documentation:

• Configuring targets
• Launching scans
• Configuring scan profiles