What does the risk framework add to an object to indicate increased risk?

The risk framework in Splunk Enterprise Security is designed to assess and quantify the level of risk associated with specific objects, such as assets, liabilities, or users. When increased risk is indicated, the framework assigns a numeric score to represent this level of risk. This score is a quantitative measure that can be used to evaluate and prioritize response actions based on the severity and urgency of the risk.

Utilizing a numeric score allows security teams to have a clear, measurable way to identify which risks may require immediate attention and resources. This facilitates better decision-making in the context of security operations, as teams can compare different risks based on their scores and decide which are more critical to address. Providing a clear numeric representation of risk allows for an objective assessment, creating a common understanding of risks across various teams and stakeholders within the organization.