Security Rating Improvement Guide

Take action to improve your security rating and overall security posture.

Written by Caitlin Postal
Updated over a week ago

Security ratings in UpGuard range from 0 to 950. A higher rating indicates more effective security practices.

You will need to take action both within UpGuard and internally across your own systems to improve your security rating. This guide describes four actions you can take to improve your security rating with UpGuard.

Start with most urgent risks

Because risks with high severity ratings will have more impact on your security rating, we recommend attending to these risks first. You can sort risks by severity within UpGuard. By default, higher severity risks appear at the top of the list.

For more information on how we calculate security ratings, read the article How are UpGuard's Security Ratings Calculated?

Remediate risks in UpGuard

As your security rating reflects your organization's security practices, the best way to improve your score is to remediate the risks identified in the UpGuard platform. Risks identified on your own domains are weighted higher than those identified in your in-use vendors. You should therefore start by focusing on your own risk posture. You can use UpGuard’s remediation planner to estimate potential score changes that will result from your remediation plans.

You can identify high severity risks in the Risk details section of your Risk Profile in BreachSight.

Screencapture of the Risk details section

You can sort risks by severity using the Sev column. By default, the highest severity risks appear at the top.

Selecting an individual risk will expand the details view, which includes additional information about the risk and which assets are impacted by the risk. You can also use this expanded view to initiate the remediation process for that risk.

Screencapture of an FTP risk finding expanded in the Risk details section. The impacted asset is redacted.

To initiate remediation for risks impacting your vendors, navigate to the Vendors section of Vendor Risk and select a vendor that you monitor.

From that vendor's Vendor Summary page, you can begin a new remediation request. You can also navigate to that vendor's Risk Profile and assess risks by severity before opening a remediation request with that vendor.

Follow our guides for how to use the remediation workflow:

Close unnecessary ports

UpGuard scans for open ports and identifies the services running on them. Open ports are not necessarily dangerous in themselves, but they can expose services that are misconfigured, unpatched, vulnerable to known exploits, or poorly protected at the network level.

Any ports that are not in active use can be closed to limit potential exploitation. If a port must stay open for a business-specific reason, evaluate whether you can limit access by putting it behind a firewall or VPN, or only allowing your owned IPs to access it.

You can monitor your ports for potential vulnerabilities and take action if an open port is compromised. To learn more about what services we scan, read the article on What services does UpGuard identify with port scanning?

As a continuous monitoring tool, UpGuard will notify you of all open ports so that you can evaluate the potential risk exposure for your business. If your organization has determined to keep certain ports open and accessible for business reasons, you can create an internal risk waiver in UpGuard to clarify that decision for your internal team.

Decommission inactive domains

If you have included domains among your assets and those domains are no longer in use, you can decommission those domains to take them out of use. To decommission a domain quickly and efficiently, remove all DNS records for it.

UpGuard automatically detects inactive domains that do not respond to HTTP requests, have no open ports, and do not have an MX record. We classify these as inactive domains that will be scanned on a monthly basis rather than the typical daily scan. If you open a port or set up an MX record for an inactive domain, it will move back into your active list when our scans register the change.
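The following script, added here as an example and not UpGuard's own code, runs the three checks described above (HTTP response, open ports, MX record) against a domain you own, so you can confirm a decommissioned domain really meets the inactive criteria before waiting for the next scan. The probed port list and the 5-second timeout are assumptions, and the MX lookup relies on the third-party dnspython package.

```python
# Added example (not UpGuard's code): reproduce the article's inactive-domain
# test for a domain you own. Assumptions: PROBE_PORTS is a small illustrative
# subset, timeouts are 5 s, and dnspython provides the MX lookup.
import socket
import urllib.error
import urllib.request
from typing import Iterable

PROBE_PORTS = (21, 22, 25, 80, 443, 3389)  # assumed subset of scanned ports


def responds_to_http(domain: str, timeout: float = 5.0) -> bool:
    """True if http:// or https:// returns any HTTP response at all."""
    for url in (f"http://{domain}/", f"https://{domain}/"):
        try:
            urllib.request.urlopen(url, timeout=timeout)
            return True
        except urllib.error.HTTPError:
            return True  # a 4xx/5xx still means a live HTTP listener
        except (urllib.error.URLError, OSError, ValueError):
            continue
    return False


def open_ports(domain: str, ports: Iterable[int] = PROBE_PORTS,
               timeout: float = 5.0) -> list:
    """TCP-connect check; returns the ports that accepted a connection."""
    found = []
    for port in ports:
        try:
            with socket.create_connection((domain, port), timeout=timeout):
                found.append(port)
        except OSError:
            pass
    return found


def has_mx(domain: str) -> bool:
    """MX lookup via dnspython (assumed installed); any DNS failure -> False."""
    import dns.exception  # third-party: pip install dnspython
    import dns.resolver
    try:
        return len(dns.resolver.resolve(domain, "MX")) > 0
    except dns.exception.DNSException:
        return False


def classify(http_ok: bool, ports: list, mx: bool) -> str:
    """Article's rule: inactive only when all three signals are absent."""
    return "inactive" if not (http_ok or ports or mx) else "active"


def audit(domain: str) -> dict:
    """Run all three probes and return the findings with the classification."""
    http_ok, ports, mx = responds_to_http(domain), open_ports(domain), has_mx(domain)
    return {"domain": domain, "http": http_ok, "open_ports": ports, "mx": mx,
            "status": classify(http_ok, ports, mx)}
```

Run it as `python audit_domain.py` after calling `audit("yourdomain.example")` from a Python shell; a result of "active" lists which signal (HTTP, ports, or MX) still keeps the domain on the daily scan.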

For more information about inactive domains, read the article on What's the difference between an active and inactive domain?

Further reading
