Risk Matrix

Framework

In assessing the severity of a risk, LazyOtter employs a risk matrix, which gauges the likelihood of a detected threat turning into an actual damaging event. The likelihood is divided into four levels (Improbable, Remote, Probable, and Frequent), and it directly affects the importance of the alert.

Let's take an 'Anomaly gas' alert as an example. This alert signifies an unusual amount of gas being used in a transaction. While this can be a warning sign, it doesn't always indicate a threat. High gas usage can be due to various reasons such as arbitrage opportunities or network congestion. Given the diverse reasons for an anomaly in gas usage, the Likelihood rating for this alert would be 'Improbable,' leading to a 'Low' severity rating.

On the other hand, an 'Asset drained' alert is a clear sign of potential danger. This alert is triggered when a significant portion of a contract's funds is withdrawn in a short period. Under normal circumstances, such drastic asset drainage would not occur without a good reason, and it's often a strong indicator of an attack. Therefore, the Likelihood rating for an 'Asset drained' alert is higher, likely falling under 'Probable' or even 'Frequent,' resulting in a higher severity rating.
