CVSS

You can use CVSS (Common Vulnerability Scoring System) to better assess the security of your products. CVSS is a standardised system for rating the severity of vulnerabilities in information systems.

It includes a number of metrics such as attack type, privilege level, impact on confidentiality, data integrity and availability.

Appsec Portal has support for two versions of the standard: 3.1 and 4.0.

By set up the CVSS role and defining the appropriate vectors for your products, you can more accurately determine the level of risk and potential security threats.

You can also manually assign an CVSS vector for your finding

This information will appear in your reports and help your team take more effective action to secure and protect your products.