Understand your security posture
The security posture overview gives you a quick snapshot of your web application security defenses. Status shown here fluctuates week-to-week, and you have the power to make improvements directly from this screen.
Select the security configuration you want to see
Currently, Security Hub shows your posture for one security configuration at a time, so you can view and address issues in each one. In the blue banner at the top of the screen, select the Security Configuration you want to see.
Posture at-a-glance
A quick overview of what youāre looking at when you land in Security Hub. Itās all designed to help you know where protections stand and to take action fast to plug any holes.
The chart on the top left gives a high-level posture overview. It shows
- your posture score, which youāll read more about in a minute
- the percentage posture score has improved or worsened in the past week
- ow youāre doing compared to others in your industry and geographic region
The Improve your score section on the top right, surfaces setup issues and provides links to learn more about them and take immediate action. Read on to learn more.
As you scroll down the page you can:
- view attack traffic by type and actions taken
- see the geographic areas where attacks come from
About scoring
Security posture score is a high-level indication of how effective your current web application security settings are. Itās an algorithmic measure from 0 to 1000 which indicates how prepared you are for attack. A score of zero is not at all prepared and 1000 is as prepared as possible.
Posture score scopeCurrently, the security posture score you see is for the security configuration you selected at the top of the screen (version thatās active on production). If you have multiple security configurations, view and address issues in one, then move on to the next one.
Scores fall into various grades, which help you see when to take recommended actions.
| Score | Grade | Description | Action |
|---|---|---|---|
| 800 to 1000 | Excellent | Ready for most attacks | Monitor regularly |
| 600 ro 799 | Adequate | Ready for most attacks with some gaps | Take recommended actions |
| 400 to 599 | Poor | Many vulnerabilities need attention | Take recommended actions soon |
| 200 to 399 | At risk | High-risk vulnerabilities need urgent attention | Urgently take recommended actions |
| 0 to 199 | Critical | Exposed openly to many threats | Immediately take recommended actions |
Scoring is based on factors like: the scope and breadth of protections youāve applied, your vulnerability to specific attack vectors, coverage for known vulnerabilities, and readiness to face evolving threats. Some factors are controlled by Akamai and others controlled by you. For example, our threat response team continually updates the WAF engine and other protections based on their advanced knowledge of the latest threats. These improvements are a vital part of your protections. For your part, as you close issues identified for you to fix, youāll see your score go higher.
Learn more about your score progress
Click Score contributors and look under each tab:
- Closed issues are problems lowering your score that you addressed yourself. Actions and improvements you make to improve your score are a main feature of Security Hub.
- Akamai improvements shows a list of releases and enhancements we make to continually enhance your security posture.
See and fix protection issues
Details about what youāve protected and how thoroughly are listed in the Improve your score section. For details on viewing and addressing protection shortfalls, read how to improve your score.
See how you compare to others in your industry
You see your score (in blue) alongside others in your industry and global region (in yellow).
This comparison looks back as far as 12 weeks. Its combined slice of industry-plus-region perspective is unique to Akamai security posture reporting. This view helps you understand how your defense posture compares to your direct peers.
View a full list of covered and uncovered assets
On the upper right of the screen, click Your assets to see an inventory overview showing which of your hostnames and APIs are covered by protections and those which are not.
To learn how to take action on uncovered assets, see Improve your score.
Filter by protection area
To focus on one protection category, like DoS or web application firewall, go to the top of the page and in the Protections area, mouseover percentage coverage scores. You see the protection area name and can click it to learn more. When you do so, the top two sections of the page change. You see:
- your posture score changes to a percentage-based score for the specific protection area you chose.
- issues under Improve your score are limited to only those pertaining to the protection area you chose.