Jamf Protect's endpoint and network protection capabilities use threat severity and calculated risk scores to help measure the security of your devices.
Threat severity ranges from one (least severe) to five (most severe). Jamf applies a default severity value to each. However, you can edit the Severity column of each threat in your threat prevention policy to meet your organization's needs.
Jamf uses the following to calculate risk:
The likelihood of a vulnerability being exploited and the severity of the impact if it were.
A proprietary algorithm based on the severity and quantity of threats detected on a device to calculate the risk score. Devices are assigned one of the following categories depending on the score: Secure, Low Risk, Medium Risk, or High Risk.
Company-wide risk score is derived from all of the organization's combined risk scores to allow you to assess the overall security posture of your mobile deployment in a single glance.
In Jamf Security Cloud on , further Device Risk Grouping is also used to help you focus on devices with the most critical issues. This is based on the device's risk profile and allows for improved correlation between the devices and the threats in the page.