Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Create a Support Ticket
  • Partner Portal
  • CYRISMA MSP Dashboard
  • Home
  • General Questions and Troubleshooting
  • Scanning Troubleshooting

Understanding Grades for Targets Scanned in a Data Scan

When performing data scans, you may notice that the risk grid assigns grades ranging from A+ to F for scanned targets, such as IP addresses, bank account numbers, or other types of data. This article explains the rationale behind these grades to help you better understand the risks associated with different data types.

Written by Liam Downward

Updated at December 27th, 2024

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • User Manual
    Overall Risk Dashboard Agent Status Report Builder Data Scan Vulnerability Scan Secure Baseline Compliance Mitigation Dark Web MSP Interface Instance Admin
  • Self Onboarding Guide
  • Agents
  • The Cyber Risk Assessment Process
  • PSA Integrations
  • General Questions and Troubleshooting
    Agent Troubleshooting Scanning Troubleshooting
  • The Cyber Risk Assessment Process (Video Tutorials)
  • Sales and Prospecting Articles
  • CYRISMA Partner Portal Access
  • Glossary
  • API Documents
  • CYRISMA Change Log
  • Support Ticket SLA
  • Billing Questions
+ More

Table of Contents

1. What Does an A+ Grade Indicate? 2. What Does an F Grade Indicate? 3. Why Do Grades Differ So Much? 4. Practical Implications 5. Summary

1. What Does an A+ Grade Indicate?

An A+ grade typically reflects that the scanned item is low-risk when considered on its own. For example:

Standalone IP Addresses:
An IP address on its own generally poses minimal risk because it lacks meaningful context. If someone were to access just the IP address without any accompanying information (e.g., internal network access or related credentials), it would not be particularly valuable or dangerous.

The A+ grade here indicates that while it’s helpful to locate IP addresses within your files for organizational or operational purposes, these items are not inherently high-risk from a customer data standpoint.


2. What Does an F Grade Indicate?

An F grade signifies that the scanned item represents a high-risk data type that could be exploited, even on its own.

Example: Bank Account Numbers
A bank account number carries significant risk if exposed because:

  • It includes critical financial details such as prefixes and account identifiers.
  • A malicious actor could potentially use it to access or exploit financial systems, especially when combined with additional information.

3. Why Do Grades Differ So Much?

The disparity between grades like A+ and F arises because of the context and standalone risk of the data type:

  • A+ Data: Items like IP addresses, when exposed without other supporting information, are unlikely to lead to significant harm.
  • F Data: Items like bank account numbers are inherently sensitive and can lead to exploitation even without additional context.

This grading system is designed to prioritize remediation efforts on items that pose the highest risk to security and privacy.


4. Practical Implications

The grading system serves as a guideline for assessing and addressing risks:

  • Low-Risk Items (A+): Use these grades to identify data that may need further context for business or operational purposes but does not require urgent action.
  • High-Risk Items (F): Focus remediation efforts on securing or removing this data to minimize the potential for breaches or exploitation.

5. Summary

The grades in the risk grid are assigned based on the potential impact of exposing the scanned target:

  • A+ Grade: Low-risk items that have minimal standalone value (e.g., IP addresses).
  • F Grade: High-risk items that are inherently sensitive and exploitable (e.g., bank account numbers).

Understanding these grades helps you prioritize your security efforts and maintain robust data protection practices.

grades targets a f a+

Was this article helpful?

Yes
No
Give feedback about this article

How can we improve this article?

Share additional info and suggestions

Related Articles

  • Understanding CYRISMA Scoring and How to Improve Your Grades
  • Provisioning and Reporting API Guide
  • Can Vulnerability and Secure Baseline Scanning Be Conducted on Disconnected Machines?

Partners
pax8
CDW
Stellar Cyber
RedSky Alliance

Request A Demo
Platform
  • Platform Overview
  • Resellers
  • Managed Service Providers
  • Request A Demo
  • Platform Overview
  • Resellers
  • Managed Service Providers
  • Request A Demo
Resources
  • Case Studies
  • White Papers
  • Videos
  • Blog
  • Press Release
  • Events
  • Case Studies
  • White Papers
  • Videos
  • Blog
  • Press Release
  • Events
Contact Us
Address: 510 Clinton Square, Rochester, New York, USA, 14604

Email: info@cyrisma.com

Phone: 1-585-620-2496

Easiest To Do Business With Summer 2023
Category Leader Channel Program
Capterra
Software Advice

Terms of Use          Privacy Policy

Copyright © 2024 – Data Spotlite, Inc All rights reserved.
Expand

Definition by