'I am not a numero!': assessing global security threat levels

Bryan Lu Fortinet

  download slides (PDF)

Late last year Gartner analyst Greg Young wrote a blog post about the varying worldwide security threat levels as indicated in vendor online threat centres. He pointed out that, since global vendors are likely to detect the same active threats, they should post the same threat levels. However, vendors use different scale factors with conditions ranging from one to four or levels ranging from one to nine. Other vendors do not even provide threat levels on their public websites - possibly because they are providing details directly to their enterprise users or because they have no precise way of assigning public levels. Sadly, the threat level posting is proving to be more of a marketing add-on than a tool for security awareness.

Threat level is not just a number. This paper exposes the computation and logic behind threat levels and covers the three different security threat categories (virus/spyware, spam and vulnerabilities) that are different in nature. It will also touch on the complex formula affecting current threat levels. After all, the security community needs a standard way of assigning threat levels so it is transparent and helpful to end users.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.