Techniques are described herein for quantifying a security impact of network vulnerabilities (e.g., hardware/software/configuration) on a network. The security impact quantification is calculated by weighting a configuration vulnerability score and an infrastructure security vulnerability score with a Vulnerability Reach Index (VRI). The VRI is an indication of the depth in the network of the impact of a vulnerability.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.