You can find the various risk scores in several location in the UI including the Apps Grid on the Apps page or in App Details for individual apps.
The Cisco Cloudlock Risk Score determines what risk an app presents when installed in an environment, based on three criteria:
- The Access Scope Risk Score
- The Community Trust Rating
- A generalized “Industry Risk Score” produced by the Cisco Cloudlock Cyberlab Team. This Cyberlab performs internal research about the app and the vendor behind it. This includes financial viability, various certifications (such as HIPPA, PCI, etc) and how the cloud service is typically used (e.g. data storage, type of data). The Cyberlab also compares what other vendors have determined about these apps (e.g. Checkpoint, PAN and IBM) based on their own indexes with risk scores for various apps.
The Risk Score classifications are Very Low, Low, Medium, High and Critical.
Apps can have several access scopes, ranging from low to high in terms of riskiness, but the overall Access Scope Risk Score is calculated by totaling the riskiness of all scopes.
The community of Cisco Cloudlock customers with Apps Firewall and their classification of the app as Trusted or Banned determines The Community Trust Rating. Each app starts with a value of 50% and increases if the app is generally trusted, or decreases if the app is frequently banned.
Updated about a year ago