Threat Prevalence Definition

Our experts at SophosLabs set the threat level based on the prevalence of malware, spam and web threats, and intelligence regarding new vulnerabilities. We rate the threat level as low, medium, high or critical.

Threat Level 1: LOW

There are no vulnerabilities rated as medium risk or higher that lack an available patch, and the global threat prevalence is lower than typical. This is business as usual. However, there are still active threats.

Customers should make sure that all machines and applications are patched and that anti-malware solutions are up to date.

Threat Level 2: MEDIUM

Increased alertness is required; malicious attacks could well be imminent. There is either a vulnerability rated as medium risk with no patch available, or SophosLabs has seen a significant increase in the global threat prevalence.

Customers should assess vulnerability information to identify exposed systems.

Threat Level 3: HIGH

SophosLabs is aware of active attacks and there is a strong likelihood of vulnerable systems being attacked and exploited.

Customers should consider whether to deploy additional monitoring, monitor existing security solutions more closely, and/or disable vulnerable systems.

Threat Level 4: CRITICAL

SophosLabs has seen malware exploiting an unpatched high-risk vulnerability. SophosLabs believes there is a high probability that vulnerable systems will be hacked.

IT security officers should work with their organizations to determine potential risks and deploy appropriate safeguards. These safeguards may include implementing temporary policies and deploying temporary fixes or restricting application usage.

IT managers without a full-time security officer should put on their security officer hat if they are responsible for server and endpoint security. For organizations that outsource responsibility for security, the IT manager should ask the service provider to investigate.