Understand
your Hackability Score
Measure your cyber security progress with a trackable KPI
Use cases
- Real-time KPI: Track your IT security progress with a clear and actionable score
- Benchmarking: Set realistic goals by comparing yourself to industry peers
- Instead of relying just on CVSS scores, use Autobahn's Hackability Score to include potential business impact
How it works
- Autobahn first categorizes each vulnerability based on potential impact to your organization on a scale of 1 (low risk issue) to 4 (critical risk issue)
- Next, a proprietary formula calculates the Hackability Score per vulnerability
- Afterwards, we calculate the absolute Hackability Score which is the sum of the individual Hackability Score across all assets
- Finally, we normalize this Hackability Score by benchmarking you to industry peers and provide you the opportunity to compare yourself to them
Frequently asked questions
Do you use standards regarding the calculation of the Hackability Score?
Autobahn gathers threat intelligence from four sources: dark web chatter, honeypot research, SRLabs consulting experience and CVSS scores.
Our Hackability Score is directly correlated to real threats by not just using the CVSS scoring of a vulnerability.
How does Autobahn's industry benchmarking work?
Autobahn's industry benchmarking is based on a comprehensive data set that we regularly update. This allows you to compare your Hackability Score to a peer group that is relevant to you, both in size and industry.
Autobahn also allows you to benchmark your results against your previous reports to show the progress of remediating your vulnerabilities since your last scan. This can help your IT security team setting their KPI's, or let you decide whether external help is necessary.
Why is Autobahn comparing my company to industry peers?
Autobahn helps you understand the security posture of your company.
Comparing you to similar-sized industry peers allows you to understand if you are more vulnerable and thus need to step up your remediation efforts, or helps you focus security best practice areas where you underperform.
