FortWatch

Severity Levels

FortWatch uses four primary severity levels to classify findings and issues. These levels determine how findings are prioritized, how the threat level score is calculated, and whether issues are auto-created.

Critical

Color: Red

Critical findings represent the most severe security vulnerabilities — those that could be actively exploited to compromise the system, steal data, or gain unauthorized access.

Examples:

  • Remote code execution (RCE) vulnerabilities
  • SQL injection on authentication endpoints
  • Exposed database management interfaces with default credentials
  • Known exploited CVEs with public proof-of-concept code

Threat level weight: 10 points per issue. Issues are auto-created.

High

Color: Orange

High severity findings are serious security concerns that could lead to data exposure, privilege escalation, or significant impact if exploited.

Examples:

  • Cross-site scripting (XSS) vulnerabilities
  • Insecure direct object reference (IDOR) issues
  • Missing or invalid SSL certificates
  • Exposed sensitive files (backups, configuration files)

Threat level weight: 4 points per issue. Issues are auto-created.

Medium

Color: Yellow

Medium findings are moderate security concerns that should be addressed but do not pose an immediate exploitable risk.

Examples:

  • Missing security headers (Content-Security-Policy, X-Frame-Options)
  • Outdated software versions without known critical vulnerabilities
  • Permissive CORS configuration
  • Directory listing enabled

Threat level weight: 1.5 points per issue. Issues are not auto-created.

Low

Color: Blue

Low findings are minor security improvements that are good practice but represent minimal risk.

Examples:

  • Missing X-Content-Type-Options header
  • Cookie without Secure flag on non-sensitive endpoints
  • Server version disclosure in response headers

Threat level weight: 0.5 points per issue. Issues are not auto-created.