Skip to main content

Severity criteria

info

The English user guide is currently in beta preview. Most of the documents have been automatically translated from the Japanese version. Should you find any inaccuracies, please reach out to Flatt Security.

The severity of findings detected by Cloud Diagnostics is classified as follows.

SeverityDescription
CriticalThis indicates the possibility that a resource is already compromised due to a vulnerability that can be exploited immediately.
HighThis indicates the possibility that a resource with a security misconfiguration is vulnerable, depending on the situation, because multi-layered defense is not implemented for the resource.
MediumThis indicates either that a resource with a security misconfiguration exists, but multi-layered defense is partially implemented for the resource, or that an issue could make it difficult to investigate or could expand the impact of an incident.
LowThis indicates either that a resource with a security misconfiguration exists, but multi-layered defense is sufficiently implemented for the resource, or that a minor issue could make it difficult to investigate or could slightly expand the impact of an incident.
InfoThis provides information about practices for using public clouds more securely.