LogoLogo
API DocumentationIntegrationsPlexTrac.com
  • Product Documentation
    • Using This Site
    • Security Advisories
    • Deployment and Maintenance Policy
    • Supported Applications
  • PlexTrac Modules
    • Dashboard
    • Clients
      • Clients Components
      • Creating a Client
      • Managing Clients
      • Managing Client Users
      • Adding Assets to a Client
      • Managing Assets
    • Schedule
      • Schedule Components
      • Creating an Engagement
      • Requesting an Engagement
      • Managing Engagements
      • Engagement Status
    • Assessments
      • Assessment Components
      • Managing Questionnaires
      • Starting an Assessment
      • Taking an Assessment
      • Reviewing an Assessment
      • Submitting an Assessment
    • Reports
      • Report Components
      • Creating a Report
      • Adding from NarrativesDB
      • Editing a Report
      • Using Short Codes in Reports
      • Findings
        • Creating a Finding
        • Collaborative Editing
        • Importing Findings from a File
        • CSV Findings Templates
          • Using Report Findings CSV Template
        • Importing Findings via an Integration
        • Importing Findings from WriteupsDB
        • Finding Status
        • Creating Jira Tickets
        • CVSS Scoring
        • Affected Assets
      • Importing a Report
      • Exporting a Report
    • Priorities
      • Priorities Components
      • Creating a Priority
      • Linking Findings and Assets
      • Managing Priorities
      • Priorities Metrics
    • Content Library
      • Types of Repositories
      • NarrativesDB
        • NarrativesDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Managing Sections
        • Creating a Section
      • WriteupsDB
        • WriteupsDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Writeup
        • Copying a Writeup
        • Adding to a Report
        • Importing via CSV Template
      • RunbooksDB
        • RunbooksDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Procedure
        • Creating a Technique
        • Creating a Tactic
        • Creating a Methodology
    • Analytics
      • Findings
      • Assets
      • Runbooks
      • Trends & SLAs
    • Runbooks
      • Managing Engagements
        • Starting an Engagement
        • Submitting an Engagement
      • Managing Test Plans
        • Creating a Test Plan
        • Exporting a Test Plan
  • Tenant Management
    • Account Management
      • Profile (Personal Settings)
        • Managing User Profile
        • Managing Password
        • Setting Up Two-Factor Authentication
      • Account Admin
        • Tenant Settings
          • Account Information
          • General Settings
          • Email Settings
          • Tags Settings
          • Service-Level Agreements (SLAs)
          • Short Codes
        • Customizations
          • Layouts
          • Templates
            • Report Templates
            • Export Templates
            • Style Guides
          • Theme
        • Automations
          • Risk Scoring
            • Creating Equations
            • Managing Priority Equations
          • Parser Actions
        • Integrations & Webhooks
          • Integrations (API)
            • Cobalt
            • Edgescan
            • HackerOne
            • Jira
            • ServiceNow
            • Tenable Vulnerability Management
            • Tenable Security Center
          • Webhooks
        • Security & User Management
          • Audit Log
          • Security
            • Authentication Methods
              • OAuth/OpenID Setup
                • Microsoft Entra ID
                • Google OAuth
                • Okta
                • OpenID Connect
              • SAML Setup
            • General Authentication Settings
            • Authorization
            • Role Based Access (RBAC)
              • Custom Roles
            • Classification Tiers
          • Users
            • Adding Users
            • Managing Users
        • Licensing
          • Licensing
          • Priorities
          • Plex AI
            • Using AI
        • White Labeling
      • Help Center
      • Logout
    • Integrations and File Imports
      • Acunetix
      • BlindSPOT
      • Burp Suite
      • Checkmarx
      • Core Impact
      • HCL AppScan
      • Invicti
      • Nessus
      • Nexpose
      • Nipper
      • Nmap (Assets)
      • Nmap Vulners NSE
      • Nodeware
      • NodeZero
      • OpenVAS
      • OWASP ZAP
      • Pentera
      • Qualys (VM Parser)
      • Qualys (Web App Scanner)
      • RapidFire
      • Scythe
      • Veracode
  • API Documentation
    • Overview
    • Concept Definitions
    • Getting Started
    • Retrieving Parameter IDs
    • Object Structures
      • Client Object
      • Report Object
      • Finding Object
      • Asset Object
      • Evidence Object
    • Use Cases
    • API Change Policy
      • API Change Log
    • Webhooks
      • Webhook Payload Structure
      • Verifying Sender Requests
Powered by GitBook

Resources

  • Privacy Policy
  • Terms of Use
  • Vulnerability Policy

© 2025 PlexTrac, Inc. All rights reserved.

On this page
  • Terminology
  • Default Equations
  • Findings Tab
  • Viewing the Score
  • Priorities Tab
  • Viewing the Score
  • Configuring Page View

Was this helpful?

Export as PDF
  1. Tenant Management
  2. Account Management
  3. Account Admin
  4. Automations

Risk Scoring

PreviousAutomationsNextCreating Equations

Last updated 6 months ago

Was this helpful?

The Risk scoring section under "Automations” in the Admin Dashboard allows admins to create formulas for producing dynamic risk and likelihood scores for findings and priorities.

If all equations are disabled, priorities will be scored by the likelihood and impact values selected in the priority.

Terminology

Contextual Score: The value generated from a contextual scoring equation.

Contextual Scoring Equation: A collection of variables, operators, rules and logic to generate a contextual score.

Equation Variable: A component of the equation representing an individual or an aggregate of fields from PlexTrac, such as Asset count, Finding Severity, and CVE. Equation variables are the building blocks of an equation.

Multiplier: A constant value multiplied against an equation variable's value. It can rapidly increase the weight a variable has on an equation.

Operator: Mathematical symbols that can be used in a Contextual Scoring Equation. Currently, an operator can only perform a "+" addition function.

Variable Rule: The logic and conditions that help determine a variable's weight and value within the equation. A variable can have multiple rules.

Default Equations

PlexTrac provides a default equation for each disabled tab, which can be toggled on by clicking the toggle bar under the "Enabled" column. These equations can be used as a starting block for creating custom equations.

They are identified as "Default" under the "Type" column and cannot be deleted.

Findings Tab

This tab lists all priority risk score equations and provides options to create and manage new ones. A client can enable only one equation at a time.

Viewing the Score

The finding score can be viewed under the finding detail section of a finding.

If the cursor hovers under the question mark icon and contextual scoring is enabled, the equation being used is listed.

Priorities Tab

This tab lists all priority risk score equations and provides options to create and manage new ones.

Viewing the Score

The priority score can be viewed under the progress bar on the Details tab of a priority.

If the cursor hovers under the question mark icon and contextual scoring is enabled, the equation being used is listed.

Configuring Page View

The table view for each tab can be customized by clicking the column view icon to the right of the search bar.

Once clicked, a modal appears that lists all fields. To remove a column, click X within the bar.

Fields that are required do not have an X available.

When fields are removed, an "Add Column" pulldown menu is added at the bottom left of the modal to store the field. Any removed fields can be added later by clicking Add Column and selecting the field to add.

This modal represents the sequence of fields provided in the table, meaning the bar on top will be the column on the table's far left.

The order of columns can be adjusted within this modal by clicking the six dots on the left of the bar for a field and dragging the bar to the desired sequence place.

Click Save when finished.