search
Get FDA readyServicesGuardian helpGet a demo

Why should I rescore vulnerabilities?

You can create rescore profiles to rescore the CVSS 3.x score for all vulnerabilities across a product version. You can also rescore individual vulnerabilities. As you assess and set these metrics, you'll see the rescored value and CVSS vector string updating accordingly.

Unlike upgrading to a new version of applying a patch, rescoring does not require you to upload a new version of your SBOM.

hashtag
Why should I rescore?

hashtag
Focus on the most critical and exploitable issues first

By rescoring, you can concentrate on the dependency components impacted by the most exploitable vulnerabilities first, ensuring that you've assessed the fixability of a vulnerability, your overall level of confidence on the information reported for a particular vulnerability, the importance of the affected dependency component based on its placement in your infrastructure.

hashtag
Scalable and repeatable scoring method

By rescoring based on your particular device's environment and usage, you can often reduce the severity of a particular vulnerability or of all vulnerabilities that impact a particular product version. You can save and apply a profile, giving you the benefit of a scalable, repeatable vulnerability scoring method to help you analyze and mitigate risk more quickly, ensuring patient safety and paving your way to FDA cybersecurity approval for your product submissions.

hashtag
Save months of R&D cost

More automated rescoring removes bias from your risk assessment methodology, while incresaing efficiency. It frees your engineers up to concentrate on your company's future, rather than spending weeks and months manually rescoring vulnerabilities, a task which also contributes to attrition.

hashtag
Maximize ROI and reduce timelines

You can also identify and implement strategic changes to your risk mitigation strategies to maximize ROI and reduce unexpected delays, helping to improve business outcome, timelines, and product security design scope.

Ensure that you understand the impact of the recent regulatory changes included in the Patch Act, as well as the likelihood that the FDA will flag your submissions for connected devices due to cybersecurity deficits.

Understand the CVSS vulnerability scoring systemchevron-rightUnderstand issue severity levelchevron-right

hashtag
Rescore product versions and individual vulnerabilities

Rescore an individual vulnerabilitychevron-rightRescore all vulnerabilities for a product versionchevron-right
PreviousFind out if a vulnerability impacts your productsNextRescore an individual vulnerability

Last updated

Was this helpful?