Security Score Formula

Risk Penalty

Weighted sum of percentile-normalized metrics:

Value Hacked

Total USD lost across known exploits.

Represents empirical proof of security failure.

Capital at Risk

Estimated exposure from unresolved vulnerabilities.

Derived from technique severity and historical exploit cost averages.

Hack Alignment

Measures overlap between unresolved findings and recent real attack techniques.

A protocol matching active exploit patterns is significantly riskier.

Mitigation Bonus

Resolution Rate

Protocols that fix vulnerabilities reduce exploit probability.

Audit Frequency

Frequent auditing reduces time-to-exposure.

Risk Tier Classification