Cluster Inspection Scoring Policy #161

Open
panzhen6668 opened this issue Mar 10, 2022 · 0 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

Contributor

panzhen6668 commented Mar 10, 2022

How to better score clusters
Refer to https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System

The following are three methods of scoring policy:
I. Simple weighted calculation
1. First, count the total weighting of the check items;
totalWeight = Success * 2 + Warning * 1 + Danger * 2 (ignored items excluded)

2. Then calculate according to the ratio;
score = Success * 2 / totalWeight * 100
e.g.
{
  "scoreInfo": {
    "score": 79,
    "dangerous": 10,
    "passing": 50,
    "ignore": 5,
    "warning": 7,
    "total": 72
  }
}
score: 50 * 2 / (10 * 2 + 50 * 2 + 7 * 1) * 100 = 79

II. Multiply by an availability factor (0.8-1) on the basis of the first method above; this availability factor can be dynamically valued according to the current vulnerability situation.
score = (Success * 2 / totalWeight * 100) * factor

III. Expand the weighting range to NS
Give different weighted values according to different namespaces: for example, the weighted value of kube-system is 3, the weighted value of no namespace is 2, and the ordinary namespace is 1.

totalWeight = kube-system score + no namespace score + other namespace score
success score = kube-system.Success * 3 + no namespace.Success * 2 + other namespace.Success * 1
total score = (success score / totalWeight * 100)

more other methods ...

panzhen6668 added the kind/feature label Mar 10, 2022
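The three scoring methods proposed in the issue, sketched in Go as an added example that is not part of the original issue or of the project's code. `Result`, `Score`, `levelWeight` and `nsWeight` are hypothetical names; treating the namespace weight as a multiplier on the method-1 level weight, and rejecting empty or all-ignored input instead of dividing by zero, are assumptions of this example.

```go
package main

import (
	"fmt"
	"math"
)

// Result is one finding: Namespace is "" when cluster-scoped, Level is a scoreInfo name.
type Result struct{ Namespace, Level string }

// Method 1 weights: Success 2, Warning 1, Danger 2; ignored items carry no weight.
var levelWeight = map[string]float64{"passing": 2, "warning": 1, "dangerous": 2, "ignore": 0}

// Method 3 weights: kube-system 3, no namespace 2; every other namespace is 1.
var nsWeight = map[string]float64{"kube-system": 3, "": 2}

// Score is method 1 at factor 1, method 2 at factor 0.8-1, method 3 with byNamespace.
func Score(results []Result, byNamespace bool, factor float64) (int, error) {
	if !(factor >= 0.8 && factor <= 1) { // written this way so NaN is rejected too
		return 0, fmt.Errorf("factor %v is outside the 0.8-1 range", factor)
	}
	var success, total float64
	for _, r := range results {
		w, known := levelWeight[r.Level]
		if !known {
			return 0, fmt.Errorf("unknown level %q", r.Level)
		}
		if nw, ok := nsWeight[r.Namespace]; byNamespace && ok {
			w *= nw // assumption: the namespace weight multiplies the level weight
		}
		total += w
		if r.Level == "passing" {
			success += w
		}
	}
	if total == 0 { // empty or all-ignored input would otherwise divide by zero
		return 0, fmt.Errorf("no weighted check results to score")
	}
	return int(math.Round(success / total * 100 * factor)), nil
}

func main() {
	// Constructed sample: one dangerous finding, placed in different namespaces.
	for _, ns := range []string{"default", "kube-system"} {
		rs := []Result{{ns, "dangerous"}, {"default", "passing"}, {"default", "passing"}}
		s, _ := Score(rs, true, 1)
		fmt.Printf("dangerous finding in %s: score %d\n", ns, s)
	}
}
```

With the constructed sample, the same dangerous finding lowers the score from 67 to 40 when it moves from `default` to `kube-system`, which is the effect method 3 is meant to produce.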