Swap Risk Categories 2 and 4

We decided to number our risk categories based on the order in which they are introduced in kibana. Since Asset Criticality is being released next, and AC corresponds to the Entity Contexts category, it's now Category 2.
elastic · Dec 19, 2023 · 7af698b · 7af698b
1 parent a00f454
commit 7af698b
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 10 deletions.
diff --git a/rfcs/text/0042-risk-score-extensions.md b/rfcs/text/0042-risk-score-extensions.md
@@ -101,8 +101,8 @@ The following is an example risk score generated from Detection Engine Alerts, c
         "calculated_score": 150,
         "category_1_score": 80,
         "category_1_count": 4354,
-        "category_5_score": 10,
-        "category_5_count": 1,
+        "category_2_score": 10,
+        "category_2_count": 1,
         "criticality_level": "very_important",
         "criticality_modifier": 2.0,
         "notes": [],

diff --git a/rfcs/text/0042/risk.yml b/rfcs/text/0042/risk.yml
@@ -47,19 +47,19 @@
     - name: category_2_score
       level: extended
       type: float
-      example: 35.0
+      example: 55.0
       description: >
         The contribution of Category 2 to the overall normalized risk score (`calculated_score_norm`).
 
-        Risk Categories logically group risk inputs from various domain use cases. Category 2 includes inputs from Posture Management.
+        Risk Categories logically group risk inputs from various domain use cases. Category 2 includes Entity Contexts.
     - name: category_2_count
       level: extended
       type: long
-      example: 1921
+      example: 1308
       description: >
         The number of risk input documents that contributed to the Category 2 score.
 
-        Risk Categories logically group risk inputs from various domain use cases. Category 2 includes inputs from Posture Management.
+        Risk Categories logically group risk inputs from various domain use cases. Category 2 includes Entity Contexts.
     - name: category_3_score
       level: extended
       type: float
@@ -79,19 +79,19 @@
     - name: category_4_score
       level: extended
       type: float
-      example: 55.0
+      example: 35.0
       description: >
         The contribution of Category 4 to the overall normalized risk score (`calculated_score_norm`).
 
-        Risk Categories logically group risk inputs from various domain use cases. Category 4 includes Entity Contexts.
+        Risk Categories logically group risk inputs from various domain use cases. Category 4 includes inputs from Posture Management.
     - name: category_4_count
       level: extended
       type: long
-      example: 1308
+      example: 1921
       description: >
         The number of risk input documents that contributed to the Category 4 score.
 
-        Risk Categories logically group risk inputs from various domain use cases. Category 4 includes Entity Contexts.
+        Risk Categories logically group risk inputs from various domain use cases. Category 4 includes inputs from Posture Management.
     - name: category_5_score
       level: extended
       type: float