Calculator inputs
The page uses a responsive 3-column, 2-column, and 1-column input grid.
Example data table
Use these sample scenarios for benchmarking and team workshops.
| Scenario | Total | Dangling | Unclaimed | Dependencies | TTL | Controls | Risk Tier |
|---|---|---|---|---|---|---|---|
| Marketing microsites | 85 | 7 | 5 | 18 | 48h | Basic | High |
| Developer sandbox | 140 | 11 | 8 | 27 | 24h | Moderate | High |
| Customer portal estate | 210 | 4 | 2 | 12 | 12h | Strong | Moderate |
| Legacy acquisitions | 320 | 18 | 13 | 41 | 72h | Basic | Critical |
Formula used
The calculator combines exposure, likelihood, impact, and control strength into one weighted defensive risk estimate. It is intended for internal prioritization rather than exploit validation.
Exposure = 100 × (0.34×DanglingRatio + 0.22×UnclaimedRatio + 0.16×DependencyRatio + 0.10×AutoscaleRatio + 0.10×TTLNorm + 0.08×Wildcard)
Likelihood = 100 × (0.42×DanglingRatio + 0.20×UnclaimedRatio + 0.12×Confidence + 0.10×DependencyRatio + 0.08×TTLNorm + 0.08×Wildcard)
Impact = 100 × (0.32×Criticality + 0.24×Traffic + 0.24×CookieExposure + 0.20×AuthExposure)
ControlReduction = 100 × (0.58×Controls + 0.42×Monitoring)
OverallRisk = 0.50×Likelihood + 0.35×Impact + 0.15×Exposure − 0.22×ControlReduction
Scores are clamped to 0–100. The remediation priority index scales the final score using the observed fraction of dangling or unclaimed hostnames.
How to use this calculator
- Enter the total number of subdomains in the review scope.
- Add the number of dangling DNS candidates and unclaimed provider resources.
- Estimate how many hostnames rely on third-party services or ephemeral infrastructure.
- Choose evidence confidence, traffic level, criticality, cookie scope, and auth linkage.
- Rate control maturity and monitoring frequency honestly to avoid false comfort.
- Click Calculate Risk to display the result above the form.
- Download CSV or PDF copies for triage meetings, tickets, or audit notes.
- Repeat with different assumptions to compare remediation scenarios safely.
FAQs
1. What does this calculator measure?
It estimates the defensive risk that stale DNS or unclaimed provider resources could expose a subdomain to unauthorized reuse. It prioritizes inventory gaps and impact factors, not exploitation steps.
2. Is the score a vulnerability confirmation?
No. The result is a triage estimate. Teams should still verify ownership state, provider responses, and intended DNS records before treating a hostname as truly exposed.
3. Why do controls reduce the score?
Strong ownership validation, frequent monitoring, and clean deprovisioning reduce the window in which orphaned records remain exploitable. Better controls do not erase risk, but they lower practical exposure.
4. Why are cookies and SSO included?
If a risky hostname handles shared cookies or authentication flows, the potential impact rises sharply. Even a small DNS hygiene issue can become a major business problem.
5. What inputs matter most?
Dangling records, unclaimed services, and business impact drive the score the most. Those variables usually define whether the issue is an inventory nuisance or a top remediation priority.
6. Can I use percentages instead of counts?
This version expects counts because teams usually audit by hostname inventory. If you only have percentages, convert them into estimated hostname counts first.
7. How often should teams recalculate?
Recalculate after DNS migrations, provider changes, decommission projects, acquisitions, and quarterly hygiene reviews. Dynamic cloud estates change quickly, so a one-time score becomes stale fast.
8. What should I do after a high score?
Review orphaned DNS records, verify provider ownership, tighten monitoring, scope cookies carefully, and queue urgent cleanup for the highest-value hostnames first.