Amazon.com, Inc.
Application vulnerability rating system

Abstract:

A method of determining a level of potential risk associated with a potential vulnerability identified in a software application. The method includes generating simulated loss events, determining a plurality of impacts for the simulated loss events, determining the level of potential risk based on the plurality of impacts, and providing a graphical user interface based on the level of potential risk.