Measuring Risk is the First Step to Reducing It
Security teams are flooded with alerts — but which issues deserve priority?
That’s why Breachfin assigns a Web Risk Score to every domain, scan, and event. It’s your simple, consistent way to track progress, report to leadership, and spot high-risk areas instantly.
What Goes Into the Score?
Breachfin’s risk scoring system evaluates over 50 signals across:
1. Script Integrity
- Unexpected hash changes
- Use of eval(), Function(), or obfuscated code
- Newly injected third-party domains
2. SSL/TLS Configuration
- Expiring or expired certificates
- Weak cipher usage
- Self-signed or mismatched certs
3. Security Headers
- Missing or misconfigured CSP
- Lack of HSTS, X-Content-Type-Options, or Referrer-Policy
4. DOM Integrity
- Suspicious runtime DOM changes
- Unusual event listeners or hidden inputs
- Shadow scripts and rogue iframes
Each category is weighted based on severity, impact, and exploitability.
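The script-integrity signals from category 1, shown as an added example (not Breachfin's code or scoring logic): a baseline comparison that flags changed hashes, eval()/Function() use, and script hosts not seen before. The baseline shape, the function name, the signal labels and the sample hosts are assumptions constructed for illustration.

```javascript
// Added illustration; not Breachfin's implementation. All names are hypothetical.
const crypto = require("node:crypto");

const sha256 = (text) => crypto.createHash("sha256").update(text).digest("hex");

// Dynamic code execution sinks named in the list above: eval( and Function(
const DYNAMIC_CODE = /\b(?:eval|Function)\s*\(/;

// baseline: { siteHost, hashes: { url: sha256 }, hosts: [approved script hosts] }
// observed: [{ url, body }] collected during the current scan
function scriptIntegrityFindings(baseline, observed) {
  const findings = [];
  const knownHosts = new Set([baseline.siteHost, ...baseline.hosts]);
  for (const { url, body } of observed) {
    const host = new URL(url).hostname;
    const expected = baseline.hashes[url];
    // Script served from a host that was not in the approved set
    if (!knownHosts.has(host)) {
      findings.push({ url, signal: "new-third-party-domain" });
    }
    // Known script whose content no longer matches the recorded hash
    if (expected !== undefined && expected !== sha256(body)) {
      findings.push({ url, signal: "unexpected-hash-change" });
    }
    // Script body that calls eval() or the Function constructor
    if (DYNAMIC_CODE.test(body)) {
      findings.push({ url, signal: "dynamic-code-execution" });
    }
  }
  return findings;
}

// Constructed sample data; every host below is a placeholder.
const originalApp = "document.title = 'Shop';";
const sampleBaseline = {
  siteHost: "shop.example.test",
  hashes: { "https://shop.example.test/app.js": sha256(originalApp) },
  hosts: ["cdn.example.test"],
};
const sampleScan = [
  { url: "https://shop.example.test/app.js", body: originalApp + " eval(payload);" },
  { url: "https://cdn.example.test/lib.js", body: "export const v = 1;" },
  { url: "https://tracker.example.net/t.js", body: "var x = 1;" },
];

console.log(scriptIntegrityFindings(sampleBaseline, sampleScan));
```

A script on an approved host with no recorded hash produces no finding here; a real baseline would also need a rule for first-seen scripts.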
What the Scores Mean
Risk Score | Risk Level | Suggested Action |
---|---|---|
90–100 | Excellent | Maintain monitoring |
70–89 | Moderate | Review flagged warnings |
50–69 | At Risk | Fix critical issues ASAP |
Below 50 | Critical | Immediate remediation required |
Why It Matters
- Track risk trends over time
- Compare domains or environments
- Share summaries with executives or auditors
- Drive remediation with measurable KPIs
Risk scores are updated after every scan and viewable in your Breachfin dashboard and via API.
Final Thoughts
Security data is powerful — but only if you can prioritize and act.
Breachfin’s Web Risk Scoring framework turns technical results into operational clarity, helping your team stay ahead.
Ready to get your domain’s risk score? Run your first scan today at breachfin.com