Severity criteria
info
The English user guide is currently in beta preview. Most of the documents have been automatically translated from the Japanese version. Should you find any inaccuracies, please reach out to Flatt Security.
The severity of findings detected by Cloud Diagnostics is classified as follows.
Severity | Description |
---|---|
Critical | This indicates the possibility that a resource is already compromised due to a vulnerability that can be exploited immediately. |
High | This indicates the possibility that a resource with a security misconfiguration is vulnerable, depending on the situation, because multi-layered defense is not implemented for the resource. |
Medium | This indicates either that a resource with a security misconfiguration exists, but multi-layered defense is partially implemented for the resource, or that an issue could make it difficult to investigate or could expand the impact of an incident. |
Low | This indicates either that a resource with a security misconfiguration exists, but multi-layered defense is sufficiently implemented for the resource, or that a minor issue could make it difficult to investigate or could slightly expand the impact of an incident. |
Info | This provides information about practices for using public clouds more securely. |