Actionable Insights

Identified areas or weaknesses in your security measures, such as known vulnerabilities or missing controls, that can be addressed to reduce the likelihood of a security incident or minimize its impact. Taking action on these insights, like patching known vulnerabilities or implementing missing controls, can help improve your overall security posture and mitigate potential risks.

Annual Frequency

Annual Frequency is the expected number of loss events in a year.


  • 1 time in 4 years (.25 per year)
  • 1 times in 10 years (.10 per year)
  • 2 times in 1 year (2 per year)
Annualized Loss

It combines loss magnitude and the likelihood of a loss occurring. 

This may reflect total yearly losses from multiple events or proportional loss for a once-in-X-year event. 

Annualized Loss is used to compare risks, considering the likelihood and loss magnitude together.


  • 10th Percentile: 10% of all annualized losses are lower than this.
  • Average: Mean annualized loss (can be lower or greater than the shown percentiles).
  • 90th Percentile: 90% of all annualized losses are lower than this.

Components like servers, endpoints, and serverless technologies that form the group's infrastructure or environment.

Attack Surface

The sum total of all the people and assets through which an attacker can potentially compromise or exploit a system, network, or organization's security. A larger attack surface generally indicates higher exposure to potential threats.

Attacker Behavior

The specific tactics and techniques employed by an attacker to gain unauthorized access or compromise a system, along with the intended outcome or objective they aim to achieve.
For example, Phishing may be the chosen method, and the desired outcome could be a data breach.


Business Resources

Components within a group or organization that hold value for the business, such as Sensitive Data and Revenue Generation, and are of interest to threat actors. A cyber risk event that impacts these resources could lead to financial losses for the organization.


Coverage Status

It is the percentage of the business-critical assets covered by a Cyber Security Product (CSP) in your organization.

Custom Fields

Custom Fields allow users to add additional metadata required for prompt identification, reporting, and analytics.


Default Parameters

Default parameters are the default values that you can configure for an asset's business criticality, department, and location in SAFE.



An identified deficiency or gap in your cybersecurity risk posture that has the potential to impact the likelihood or severity of a risk scenario. Findings often indicate areas that require attention or remediation to enhance overall security.


High Impact Controls

High Impact Controls are the critical set of controls that are more likely to be exploited by attack groups. Leaving these types of controls unpatched would lead to a high likelihood of a breach and a highly penalized SAFE score.


Implementation Status
  • If a CSP is not implemented but is applicable to your organization, keep the Implementation Status toggle disabled.  In this case, it treats the implementation status as Failed and impacts the SAFE Score.
  • If a CSP is not applicable to your organization, remove the CSP from Administration > Governance Management > Cybersecurity Products Management. In this case, it will not contribute to the SAFE Score of the organization.
Internet Facing ( for Groups)

A group setting that indicates whether any asset within the group is directly accessible from the internet. It helps identify whether the group includes components that are exposed to online access.



Likelihood is the probability of one or more loss events for an organization/group in a year.


  • 10%
  • 30%
  • 70%
Loss Exceedance Curve (LEC)

A graphical representation that illustrates the probability of financial losses exceeding a certain threshold or magnitude. It helps organizations assess and visualize the potential impact of various risk scenarios, aiding in risk management and decision-making.

Loss Magnitude

Loss Magnitude is the total loss (primary and secondary losses) that would be expected to occur from a single loss event.


  • 10th Percentile: 10% of all losses are lower than this.
  • Average: The mean loss (can be lower or greater than the shown percentiles).
  • 90th Percentile: 90% of all losses are lower than this.


No Asset Group

A group specifically designed for situations where no assets are selected. This type of group is useful for creating operational risk groups or for situations where there is no integration with the assets you want to include in the group.


Primary Loss

The losses that always occur as a result of the loss event.


Questionnaire Marketplace

A directory of pre-designed questionnaires (Example: OWASP Top 10, CIS 18, NIST 800-53, etc.) that can be utilized to gain insights into the security posture of a group.


Risk Scenario

Risk scenarios describe in detail the asset at risk, who or what can act against the asset, their intent or motivation (if applicable), the circumstances and threat actor methods associated with the threat event, and the effect on the company if/when it happens, and when or how often the event might occur.


SAFE Hooks

SAFE Hooks module in SAFE allows you to configure and manage all the integrations of other assessment tools and management tools with SAFE.

SAFE Score

A score representation, from 0 to 5, of likelihood.

Secondary Loss

The losses that may occur as fallout from the loss event.


  • Lost customers
  • Fines and judgments
  • Costs associated with preventing adverse actions by secondary stakeholders.
Smart Group

A group that the SAFE platform continuously updates by automatically associating technology assets or people based on specific filters you define, streamlining the grouping process without manual intervention.

Static Group

Similar to a Smart Group, but in this case, you manually specify the exact technology assets or people by applying filters based on your selection, allowing for precise customization and control over group composition.


Susceptibility is the probability of a threat event becoming a loss event.


Threat Actor

An individual or group, either from within an organization or external to it, that poses a potential risk by intentionally or accidentally causing harm or compromising the organization's security, assets, or data.

Threat Event Frequency

Threat Event Frequency is the expected number of instances in a year that a threat actor will act in a way that could result in a loss.

Threat Event Likelihood

Threat Event Likelihood is the probability in a year that a threat actor will act in a way that could result in a loss.