Your security rating ranges from 0 to 950. The higher the rating, the more effective your organization's security practices. 

To produce your organization's security rating, we take a weighted average of all the security ratings of your domains and IP addresses as well as the security ratings of all the monitored vendors you have marked as in-use. We then apply a gaussian averaging algorithm to weigh lower scores more heavily to ensure low scores aren't masked by high averages.

Individual domain scores in turn are composed of a weighted sum of the risks that have been identified for each domain, with more severe risks weighting a score down more. 

Additionally, if you any of your monitored vendors have completed a security questionnaire, any identified risks will also factor into their score, and in turn your score if you have marked them as in-use. 

To learn more, read our post on how UpGuard's security ratings are calculated

As your security rating reflects your own security practices, the best way to improve your score is to mitigate the risks identified in the UpGuard platform. 

Risks identified on your own domains are weighted higher than those identified in your in-use vendors. You should therefore start by focusing on your own external risk posture. 

To find your high severity risks, navigate to your Risk Profile or click here.

To see more information about an identified risk and which sites are affected, simply click on risk in the "Risk details" table below the UpGuard CyberRisk Rating section.

After you've remediated your own risks, turn our focus to your in-use vendors. 

You can do that by clicking on the "Vendors" menu item under "VENDOR RISK" in the sidebar, or by clicking here.

Choose an in-use vendor by clicking on their name. You'll be taken to their Vendor Summary page where you can request remediation of identified risks by clicking the "Request remediation" button.

See our guide on requesting vendor remediation for more information. 

Did this answer your question?