Glossary

Selected Scan / Current Scan

FSProtect enumerates target environments through periodic or on-demand scans. The FSProtect web interface displays data only from the currently selected scan. Users can switch between scans using the combo box in the left navigation bar. Before analyzing results, ensure that the correct scan is selected.

Risk / Risk Score

FSProtect calculates risk scores for scans and objects based on multiple metrics and categories. These scores represent the relative security risk of objects or scans within the analyzed environment.

Object / Entity

The term Object or Entity refers to identity, security, or configuration objects within a supported environment analyzed by FSProtect. FSProtect enumerates and analyzes different object types depending on the environment being scanned.

Relation

The term Relation refers to the connections between objects within an environment as identified and analyzed by FSProtect.

Relations represent how one object can affect, control, or gain influence over another object. FSProtect enumerates and analyzes various types of relations depending on the environment being scanned.

Risky

Risky objects are objects with a risk score greater than 50.

FSProtect uses the Risky classification to highlight objects that represent a higher security risk within the analyzed environment based on calculated risk metrics.

Issue

An Issue represents a vulnerability, misconfiguration, dangerous privilege, or relationship that can pose a security risk within an environment analyzed by FSProtect.

Issues highlight conditions that may lead to privilege escalation, lateral movement, or compromise of critical objects.

Tag

Tags are labels attached to issues to categorize, group, and simplify the understanding of identified security risks.

Tags help organize issues based on their characteristics, affected components, or security themes.

Impact / FSProtect Impact Name

Impact (FSProtect Impact Name) is a special classification attached to issues to describe their potential effect on the security posture of the environment.

It indicates what type of damage or control an issue may enable if exploited.

Severity

Severity represents the risk level of an issue based on its potential impact and likelihood.

FSProtect classifies severity as:

• Info

• Low

• Medium

• High

• Critical

Ease of Mitigation

Ease of Mitigation indicates the level of effort required to remediate or mitigate an issue.

Ease of Detection

Ease of Detection indicates the level of effort required to detect the exploitation or abuse of an issue.

Ease of Deception

Ease of Deception indicates the level of effort required to implement deceptive countermeasures related to an issue.

Exploitation Privilege

Exploitation Privilege refers to the level of permission or access an attacker must have in order to exploit a specific issue.

This may include standard user access, elevated privileges, or administrative permissions.

Exploitation Certainty

Exploitation Certainty indicates the likelihood that an issue can be successfully exploited based on technical feasibility and environmental conditions.

Path / Attack Path

An Attack Path represents a sequence of relationships that allow one object to compromise or control another object.

FSProtect identifies attack paths by analyzing how relationships between objects can be chained together to achieve higher privileges or broader impact.

Dangerous Path

A Dangerous Path is a type of attack path in which lower-privileged objects can ultimately compromise higher-privileged or critical objects through a combination of relationships.