calculateRisk

Usage

The calculateRisk function determines the overall risk severity by combining probability and impact levels using a predefined risk matrix.

Syntax

{probability | calculateRisk:impact}

Parameters

• probability (string): The probability level - one of: “Informational”, “Low”, “Medium”, “High”, “Critical”
• impact (string): The impact level - one of: “Informational”, “Low”, “Medium”, “High”, “Critical”

Returns

A string representing the calculated risk severity: “Informational”, “Low”, “Medium”, “High”, “Critical”, or “Unknown” if invalid inputs

Risk Matrix

Probability / Impact	Informational	Low	Medium	High	Critical
Informational	Informational	Informational	Low	Medium	Medium
Low	Informational	Low	Low	Medium	Medium
Medium	Low	Low	Medium	High	High
High	Medium	Medium	High	Critical	Critical
Critical	Medium	Medium	High	Critical	Critical

Examples

Basic risk calculation

{"High" | calculateRisk:"Medium"}
// Returns: "High"

Using with vulnerability data

{vulnerability.probability | calculateRisk:vulnerability.impact}
// Calculates risk based on vulnerability's probability and impact

Low probability, high impact

{"Low" | calculateRisk:"Critical"}
// Returns: "Medium"

High probability, low impact

{"High" | calculateRisk:"Low"}
// Returns: "Medium"

Critical scenarios

{"Critical" | calculateRisk:"Critical"}
// Returns: "Critical"

{"High" | calculateRisk:"High"}
// Returns: "Critical"

Use Cases

• Vulnerability risk assessment in security reports
• Prioritizing remediation efforts based on combined risk factors
• Standardizing risk scoring across different assessment types
• Creating risk matrices in penetration testing reports