adding compliance score updates (#1181)

Signed-off-by: Yuval Leibovich <yuvall@armosec.io>
2026-02-14 18:09:55 +00:00 · 2023-04-04 16:03:40 +03:00
parent eae234136b
commit 875deb7ec3
19 changed files with 89 additions and 89 deletions
--- a/cmd/scan/control.go
+++ b/cmd/scan/control.go
@@ -107,8 +107,8 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 			if !scanInfo.VerboseMode {
 				logger.L().Info("Run with '--verbose'/'-v' flag for detailed resources view\n")
 			}
-			if results.GetRiskScore() > float32(scanInfo.FailThreshold) {
-				logger.L().Fatal("scan risk-score is above permitted threshold", helpers.String("risk-score", fmt.Sprintf("%.2f", results.GetRiskScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
+			if results.GetComplianceScore() < float32(scanInfo.FailThreshold) {
+				logger.L().Fatal("scan compliance score is below permitted threshold", helpers.String("compliance score", fmt.Sprintf("%.2f", results.GetComplianceScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
 			}
 			enforceSeverityThresholds(results.GetResults().SummaryDetails.GetResourcesSeverityCounters(), scanInfo, terminateOnExceedingSeverity)

--- a/cmd/scan/framework.go
+++ b/cmd/scan/framework.go
@@ -121,8 +121,8 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 			if !scanInfo.VerboseMode {
 				logger.L().Info("Run with '--verbose'/'-v' flag for detailed resources view\n")
 			}
-			if results.GetRiskScore() > float32(scanInfo.FailThreshold) {
-				logger.L().Fatal("scan risk-score is above permitted threshold", helpers.String("risk-score", fmt.Sprintf("%.2f", results.GetRiskScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
+			if results.GetComplianceScore() < float32(scanInfo.FailThreshold) {
+				logger.L().Fatal("scan compliance-score is below permitted threshold", helpers.String("compliance-score", fmt.Sprintf("%.2f", results.GetComplianceScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
 			}

 			enforceSeverityThresholds(results.GetData().Report.SummaryDetails.GetResourcesSeverityCounters(), scanInfo, terminateOnExceedingSeverity)
--- a/cmd/scan/scan.go
+++ b/cmd/scan/scan.go
@@ -74,7 +74,7 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().StringVar(&scanInfo.UseArtifactsFrom, "use-artifacts-from", "", "Load artifacts from local directory. If not used will download them")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.ExcludedNamespaces, "exclude-namespaces", "e", "", "Namespaces to exclude from scanning. Notice, when running with `exclude-namespace` kubescape does not scan cluster-scoped objects.")

-	scanCmd.PersistentFlags().Float32VarP(&scanInfo.FailThreshold, "fail-threshold", "t", 100, "Failure threshold is the percent above which the command fails and returns exit code 1")
+	scanCmd.PersistentFlags().Float32VarP(&scanInfo.FailThreshold, "fail-threshold", "t", 0, "Failure threshold is the percent above which the command fails and returns exit code 1")

 	scanCmd.PersistentFlags().StringVar(&scanInfo.FailThresholdSeverity, "severity-threshold", "", "Severity threshold is the severity of failed controls at which the command fails and returns exit code 1")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Format, "format", "f", "", `Output file format. Supported formats: "pretty-printer", "json", "junit", "prometheus", "pdf", "html", "sarif"`)
--- a/core/pkg/resultshandling/printer/v1/jsonprinter.go
+++ b/core/pkg/resultshandling/printer/v1/jsonprinter.go
@@ -37,7 +37,7 @@ func (jsonPrinter *JsonPrinter) SetWriter(ctx context.Context, outputFile string
 }

 func (jsonPrinter *JsonPrinter) Score(score float32) {
-	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
+	fmt.Fprintf(os.Stderr, "\nOverall compliance-score (100- Excellent, 0- All failed): %d\n", cautils.Float32ToInt(score))
 }

 func (jsonPrinter *JsonPrinter) ActionPrint(ctx context.Context, opaSessionObj *cautils.OPASessionObj) {
--- a/core/pkg/resultshandling/printer/v1/prometheusprinter.go
+++ b/core/pkg/resultshandling/printer/v1/prometheusprinter.go
@@ -28,7 +28,7 @@ func (p *PrometheusPrinter) SetWriter(ctx context.Context, outputFile string) {
 }

 func (p *PrometheusPrinter) Score(score float32) {
-	fmt.Printf("\n# Overall risk-score (0- Excellent, 100- All failed)\nkubescape_score %d\n", cautils.Float32ToInt(score))
+	fmt.Printf("\n# Overall compliance-score (100- Excellent, 0- All failed)\nkubescape_score %d\n", cautils.Float32ToInt(score))
 }

 func (p *PrometheusPrinter) printResources(allResources map[string]workloadinterface.IMetadata, resourcesIDs *reporthandling.ResourcesIDs, frameworkName, controlName string) {
--- a/core/pkg/resultshandling/printer/v2/controltable.go
+++ b/core/pkg/resultshandling/printer/v2/controltable.go
@@ -12,12 +12,12 @@ import (
 )

 const (
-	columnSeverity      = iota
-	columnName          = iota
-	columnCounterFailed = iota
-	columnCounterAll    = iota
-	columnRiskScore     = iota
-	_rowLen             = iota
+	columnSeverity        = iota
+	columnName            = iota
+	columnCounterFailed   = iota
+	columnCounterAll      = iota
+	columnComplianceScore = iota
+	_rowLen               = iota
 )

 func generateRow(controlSummary reportsummary.IControlSummary, infoToPrintInfo []infoStars, verbose bool) []string {
@@ -36,7 +36,7 @@ func generateRow(controlSummary reportsummary.IControlSummary, infoToPrintInfo [
 	}
 	row[columnCounterFailed] = fmt.Sprintf("%d", controlSummary.NumberOfResources().Failed())
 	row[columnCounterAll] = fmt.Sprintf("%d", controlSummary.NumberOfResources().All())
-	row[columnRiskScore] = getRiskScoreColumn(controlSummary, infoToPrintInfo)
+	row[columnComplianceScore] = getComplianceScoreColumn(controlSummary, infoToPrintInfo)

 	return row
 }
@@ -50,7 +50,7 @@ func getInfoColumn(controlSummary reportsummary.IControlSummary, infoToPrintInfo
 	return ""
 }

-func getRiskScoreColumn(controlSummary reportsummary.IControlSummary, infoToPrintInfo []infoStars) string {
+func getComplianceScoreColumn(controlSummary reportsummary.IControlSummary, infoToPrintInfo []infoStars) string {
 	if controlSummary.GetStatus().IsSkipped() {
 		return fmt.Sprintf("%s %s", "Action Required", getInfoColumn(controlSummary, infoToPrintInfo))
 	}
@@ -109,7 +109,7 @@ func getControlTableHeaders() []string {
 	headers[columnCounterFailed] = "FAILED RESOURCES"
 	headers[columnCounterAll] = "ALL RESOURCES"
 	headers[columnSeverity] = "SEVERITY"
-	headers[columnRiskScore] = "% RISK-SCORE"
+	headers[columnComplianceScore] = "% COMPLIANCE-SCORE"
 	return headers
 }

@@ -119,6 +119,6 @@ func getColumnsAlignments() []int {
 	alignments[columnCounterFailed] = tablewriter.ALIGN_CENTER
 	alignments[columnCounterAll] = tablewriter.ALIGN_CENTER
 	alignments[columnSeverity] = tablewriter.ALIGN_LEFT
-	alignments[columnRiskScore] = tablewriter.ALIGN_CENTER
+	alignments[columnComplianceScore] = tablewriter.ALIGN_CENTER
 	return alignments
 }
--- a/core/pkg/resultshandling/printer/v2/jsonprinter.go
+++ b/core/pkg/resultshandling/printer/v2/jsonprinter.go
@@ -40,7 +40,7 @@ func (jp *JsonPrinter) SetWriter(ctx context.Context, outputFile string) {
 }

 func (jp *JsonPrinter) Score(score float32) {
-	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
+	fmt.Fprintf(os.Stderr, "\nOverall compliance-score (100- Excellent, 0- All failed): %d\n", cautils.Float32ToInt(score))
 }

 func (jp *JsonPrinter) ActionPrint(ctx context.Context, opaSessionObj *cautils.OPASessionObj) {
--- a/core/pkg/resultshandling/printer/v2/junit.go
+++ b/core/pkg/resultshandling/printer/v2/junit.go
@@ -108,7 +108,7 @@ func (jp *JunitPrinter) SetWriter(ctx context.Context, outputFile string) {
 }

 func (jp *JunitPrinter) Score(score float32) {
-	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
+	fmt.Fprintf(os.Stderr, "\nOverall compliance-score (100- Excellent, 0- All failed): %d\n", cautils.Float32ToInt(score))
 }

 func (jp *JunitPrinter) ActionPrint(ctx context.Context, opaSessionObj *cautils.OPASessionObj) {
@@ -221,11 +221,11 @@ func resourceToString(resource workloadinterface.IMetadata, sourcePath string) s
 	return s
 }

-func properties(riskScore float32) []JUnitProperty {
+func properties(complianceScore float32) []JUnitProperty {
 	return []JUnitProperty{
 		{
-			Name:  "riskScore",
-			Value: fmt.Sprintf("%.2f", riskScore),
+			Name:  "complianceScore",
+			Value: fmt.Sprintf("%.2f", complianceScore),
 		},
 	}
 }
--- a/core/pkg/resultshandling/printer/v2/pdf.go
+++ b/core/pkg/resultshandling/printer/v2/pdf.go
@@ -55,7 +55,7 @@ func (pp *PdfPrinter) SetWriter(ctx context.Context, outputFile string) {
 }

 func (pp *PdfPrinter) Score(score float32) {
-	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
+	fmt.Fprintf(os.Stderr, "\nOverall compliance-score (100- Excellent, 0- All failed): %d\n", cautils.Float32ToInt(score))
 }
 func (pp *PdfPrinter) printInfo(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails, infoMap []infoStars) {
 	emptyRowCounter := 1
--- a/core/pkg/resultshandling/printer/v2/prettyprinter.go
+++ b/core/pkg/resultshandling/printer/v2/prettyprinter.go
@@ -206,7 +206,7 @@ func generateFooter(summaryDetails *reportsummary.SummaryDetails) []string {
 	row[columnCounterFailed] = fmt.Sprintf("%d", summaryDetails.NumberOfResources().Failed())
 	row[columnCounterAll] = fmt.Sprintf("%d", summaryDetails.NumberOfResources().All())
 	row[columnSeverity] = " "
-	row[columnRiskScore] = fmt.Sprintf("%.2f%s", summaryDetails.Score, "%")
+	row[columnComplianceScore] = fmt.Sprintf("%.2f%s", summaryDetails.Score, "%")

 	return row
 }
@@ -271,9 +271,9 @@ func frameworksScoresToString(frameworks []reportsummary.IFrameworkSummary) stri
 		p := "FRAMEWORKS: "
 		i := 0
 		for ; i < len(frameworks)-1; i++ {
-			p += fmt.Sprintf("%s (risk: %.2f), ", frameworks[i].GetName(), frameworks[i].GetScore())
+			p += fmt.Sprintf("%s (compliance: %.2f), ", frameworks[i].GetName(), frameworks[i].GetComplianceScore())
 		}
-		p += fmt.Sprintf("%s (risk: %.2f)\n", frameworks[i].GetName(), frameworks[i].GetScore())
+		p += fmt.Sprintf("%s (compliance: %.2f)\n", frameworks[i].GetName(), frameworks[i].GetComplianceScore())
 		return p
 	}
 	return ""
--- a/core/pkg/resultshandling/printer/v2/prometheus.go
+++ b/core/pkg/resultshandling/printer/v2/prometheus.go
@@ -32,7 +32,7 @@ func (pp *PrometheusPrinter) SetWriter(ctx context.Context, outputFile string) {
 }

 func (pp *PrometheusPrinter) Score(score float32) {
-	fmt.Printf("\n# Overall risk-score (0- Excellent, 100- All failed)\nkubescape_score %d\n", cautils.Float32ToInt(score))
+	fmt.Printf("\n# Overall compliance-score (100- Excellent, 0- All failed)\nkubescape_score %d\n", cautils.Float32ToInt(score))
 }

 func (pp *PrometheusPrinter) generatePrometheusFormat(
@@ -41,7 +41,7 @@ func (pp *PrometheusPrinter) generatePrometheusFormat(
 	summaryDetails *reportsummary.SummaryDetails) *Metrics {

 	m := &Metrics{}
-	m.setRiskScores(summaryDetails)
+	m.setComplianceScores(summaryDetails)
 	// m.setResourcesCounters(resources, results)

 	return m
--- a/core/pkg/resultshandling/printer/v2/prometheusutils.go
+++ b/core/pkg/resultshandling/printer/v2/prometheusutils.go
@@ -14,7 +14,7 @@ type metricsName string
 const (
 	ksMetrics        metricsName = "kubescape"
 	metricsCluster   metricsName = "cluster"
-	metricsScore     metricsName = "riskScore"
+	metricsScore     metricsName = "complianceScore"
 	metricsCount     metricsName = "count"
 	metricsFailed    metricsName = "failed"
 	metricsSkipped   metricsName = "skipped"
@@ -27,10 +27,10 @@ const (
 )

 // ============================================ CLUSTER ============================================================
-func (mrs *mRiskScore) metrics() []string {
+func (mrs *mComplianceScore) metrics() []string {
 	/*
-		##### Overall risk score
-		kubescape_cluster_riskScore{} <risk score>
+		##### Overall compliance score
+		kubescape_cluster_ComplianceScore{} <compliance score>

 		###### Overall resources counters
 		kubescape_cluster_count_resources_failed{} <counter>
@@ -45,7 +45,7 @@ func (mrs *mRiskScore) metrics() []string {

 	m := []string{}
 	// overall
-	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s", mrs.prefix(), metricsScore), mrs.labels(), mrs.riskScore))
+	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s", mrs.prefix(), metricsScore), mrs.labels(), mrs.complianceScore))

 	// resources
 	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s_%s_%s", mrs.prefix(), metricsCount, metricsResources, metricsFailed), mrs.labels(), mrs.resourcesCountFailed))
@@ -59,20 +59,20 @@ func (mrs *mRiskScore) metrics() []string {

 	return m
 }
-func (mrs *mRiskScore) labels() string {
+func (mrs *mComplianceScore) labels() string {
 	return ""
 }

-func (mrs *mRiskScore) prefix() string {
+func (mrs *mComplianceScore) prefix() string {
 	return fmt.Sprintf("%s_%s", ksMetrics, metricsCluster)
 }

 // ============================================ CONTROL ============================================================

-func (mcrs *mControlRiskScore) metrics() []string {
+func (mcrs *mControlComplianceScore) metrics() []string {
 	/*
-		# Risk score
-		kubescape_control_riskScore{name="<control name>",url="<docs url>",severity="<control severity>"} <risk score>
+		# Compliance score
+		kubescape_control_complianceScore{name="<control name>",url="<docs url>",severity="<control severity>"} <compliance score>

 		# Resources counters
 		kubescape_control_count_resources_failed{name="<control name>",url="<docs url>",severity="<control severity>"} <counter>
@@ -82,7 +82,7 @@ func (mcrs *mControlRiskScore) metrics() []string {

 	m := []string{}
 	// overall
-	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s", mcrs.prefix(), metricsScore), mcrs.labels(), mcrs.riskScore))
+	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s", mcrs.prefix(), metricsScore), mcrs.labels(), mcrs.complianceScore))

 	// resources
 	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s_%s_%s", mcrs.prefix(), metricsCount, metricsResources, metricsFailed), mcrs.labels(), mcrs.resourcesCountFailed))
@@ -91,22 +91,22 @@ func (mcrs *mControlRiskScore) metrics() []string {

 	return m
 }
-func (mcrs *mControlRiskScore) labels() string {
+func (mcrs *mControlComplianceScore) labels() string {
 	r := fmt.Sprintf("name=\"%s\"", mcrs.controlName) + ","
 	r += fmt.Sprintf("severity=\"%s\"", mcrs.severity) + ","
 	r += fmt.Sprintf("link=\"%s\"", mcrs.link)
 	return r
 }
-func (mcrs *mControlRiskScore) prefix() string {
+func (mcrs *mControlComplianceScore) prefix() string {
 	return fmt.Sprintf("%s_%s", ksMetrics, metricsControl)
 }

 // ============================================ FRAMEWORK ============================================================

-func (mfrs *mFrameworkRiskScore) metrics() []string {
+func (mfrs *mFrameworkComplianceScore) metrics() []string {
 	/*
 		#### Frameworks metrics
-		kubescape_framework_riskScore{name="<framework name>"} <risk score>
+		kubescape_framework_complianceScore{name="<framework name>"} <compliance score>

 		###### Frameworks resources counters
 		kubescape_framework_count_resources_failed{} <counter>
@@ -122,7 +122,7 @@ func (mfrs *mFrameworkRiskScore) metrics() []string {

 	m := []string{}
 	// overall
-	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s", mfrs.prefix(), metricsScore), mfrs.labels(), mfrs.riskScore))
+	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s", mfrs.prefix(), metricsScore), mfrs.labels(), mfrs.complianceScore))

 	// resources
 	m = append(m, toRowInMetrics(fmt.Sprintf("%s_%s_%s_%s", mfrs.prefix(), metricsCount, metricsResources, metricsFailed), mfrs.labels(), mfrs.resourcesCountFailed))
@@ -136,11 +136,11 @@ func (mfrs *mFrameworkRiskScore) metrics() []string {

 	return m
 }
-func (mfrs *mFrameworkRiskScore) labels() string {
+func (mfrs *mFrameworkComplianceScore) labels() string {
 	r := fmt.Sprintf("name=\"%s\"", mfrs.frameworkName)
 	return r
 }
-func (mfrs *mFrameworkRiskScore) prefix() string {
+func (mfrs *mFrameworkComplianceScore) prefix() string {
 	return fmt.Sprintf("%s_%s", ksMetrics, metricsFramework)
 }

@@ -193,17 +193,17 @@ func (m *Metrics) String() string {
 	return r
 }

-type mRiskScore struct {
+type mComplianceScore struct {
 	resourcesCountPassed  int
 	resourcesCountFailed  int
 	resourcesCountSkipped int
 	controlsCountPassed   int
 	controlsCountFailed   int
 	controlsCountSkipped  int
-	riskScore             int
+	complianceScore       int
 }

-type mControlRiskScore struct {
+type mControlComplianceScore struct {
 	controlName           string
 	controlID             string
 	link                  string
@@ -212,10 +212,10 @@ type mControlRiskScore struct {
 	resourcesCountPassed  int
 	resourcesCountFailed  int
 	resourcesCountSkipped int
-	riskScore             int
+	complianceScore       int
 }

-type mFrameworkRiskScore struct {
+type mFrameworkComplianceScore struct {
 	frameworkName         string
 	resourcesCountPassed  int
 	resourcesCountFailed  int
@@ -223,7 +223,7 @@ type mFrameworkRiskScore struct {
 	controlsCountPassed   int
 	controlsCountFailed   int
 	controlsCountSkipped  int
-	riskScore             int
+	complianceScore       int
 }

 type mResources struct {
@@ -236,13 +236,13 @@ type mResources struct {
 	controlsCountSkipped int
 }
 type Metrics struct {
-	rs             mRiskScore
-	listFrameworks []mFrameworkRiskScore
-	listControls   []mControlRiskScore
+	rs             mComplianceScore
+	listFrameworks []mFrameworkComplianceScore
+	listControls   []mControlComplianceScore
 	listResources  []mResources
 }

-func (mrs *mRiskScore) set(resources reportsummary.ICounters, controls reportsummary.ICounters) {
+func (mrs *mComplianceScore) set(resources reportsummary.ICounters, controls reportsummary.ICounters) {
 	mrs.resourcesCountSkipped = resources.Skipped()
 	mrs.resourcesCountFailed = resources.Failed()
 	mrs.resourcesCountPassed = resources.Passed()
@@ -251,7 +251,7 @@ func (mrs *mRiskScore) set(resources reportsummary.ICounters, controls reportsum
 	mrs.controlsCountSkipped = controls.Skipped()
 }

-func (mfrs *mFrameworkRiskScore) set(resources reportsummary.ICounters, controls reportsummary.ICounters) {
+func (mfrs *mFrameworkComplianceScore) set(resources reportsummary.ICounters, controls reportsummary.ICounters) {
 	mfrs.resourcesCountSkipped = resources.Skipped()
 	mfrs.resourcesCountFailed = resources.Failed()
 	mfrs.resourcesCountPassed = resources.Passed()
@@ -260,32 +260,32 @@ func (mfrs *mFrameworkRiskScore) set(resources reportsummary.ICounters, controls
 	mfrs.controlsCountSkipped = controls.Skipped()
 }

-func (mcrs *mControlRiskScore) set(resources reportsummary.ICounters) {
+func (mcrs *mControlComplianceScore) set(resources reportsummary.ICounters) {
 	mcrs.resourcesCountSkipped = resources.Skipped()
 	mcrs.resourcesCountFailed = resources.Failed()
 	mcrs.resourcesCountPassed = resources.Passed()
 }
-func (m *Metrics) setRiskScores(summaryDetails *reportsummary.SummaryDetails) {
+func (m *Metrics) setComplianceScores(summaryDetails *reportsummary.SummaryDetails) {
 	m.rs.set(summaryDetails.NumberOfResources(), summaryDetails.NumberOfControls())
-	m.rs.riskScore = cautils.Float32ToInt(summaryDetails.GetScore())
+	m.rs.complianceScore = cautils.Float32ToInt(summaryDetails.GetScore())

 	for _, fw := range summaryDetails.ListFrameworks() {
-		mfrs := mFrameworkRiskScore{
-			frameworkName: fw.GetName(),
-			riskScore:     cautils.Float32ToInt(fw.GetScore()),
+		mfrs := mFrameworkComplianceScore{
+			frameworkName:   fw.GetName(),
+			complianceScore: cautils.Float32ToInt(fw.GetComplianceScore()),
 		}
 		mfrs.set(fw.NumberOfResources(), fw.NumberOfControls())
 		m.listFrameworks = append(m.listFrameworks, mfrs)
 	}

 	for _, control := range summaryDetails.ListControls() {
-		mcrs := mControlRiskScore{
-			controlName: control.GetName(),
-			controlID:   control.GetID(),
-			riskScore:   cautils.Float32ToInt(control.GetScore()),
-			link:        cautils.GetControlLink(control.GetID()),
-			severity:    apis.ControlSeverityToString(control.GetScoreFactor()),
-			remediation: control.GetRemediation(),
+		mcrs := mControlComplianceScore{
+			controlName:     control.GetName(),
+			controlID:       control.GetID(),
+			complianceScore: cautils.Float32ToInt(control.GetScore()),
+			link:            cautils.GetControlLink(control.GetID()),
+			severity:        apis.ControlSeverityToString(control.GetScoreFactor()),
+			remediation:     control.GetRemediation(),
 		}
 		mcrs.set(control.NumberOfResources())
 		m.listControls = append(m.listControls, mcrs)
--- a/core/pkg/resultshandling/results.go
+++ b/core/pkg/resultshandling/results.go
@@ -30,8 +30,8 @@ func NewResultsHandler(reporterObj reporter.IReport, printerObjs []printer.IPrin
 	}
 }

-// GetScore returns the result’s risk score
-func (rh *ResultsHandler) GetRiskScore() float32 {
+// GetComplianceScore returns the result’s compliance score
+func (rh *ResultsHandler) GetComplianceScore() float32 {
 	return rh.scanData.Report.SummaryDetails.Score
 }

@@ -74,12 +74,12 @@ func (rh *ResultsHandler) HandleResults(ctx context.Context) error {
 	// score - a summary of the results—can always be seen at the end
 	// of output
 	rh.uiPrinter.ActionPrint(ctx, rh.scanData)
-	rh.uiPrinter.Score(rh.GetRiskScore())
+	rh.uiPrinter.Score(rh.GetComplianceScore())

 	// Then print to output files
 	for _, printer := range rh.printerObjs {
 		printer.ActionPrint(ctx, rh.scanData)
-		printer.Score(rh.GetRiskScore())
+		printer.Score(rh.GetComplianceScore())
 	}

 	// We should submit only after printing results, so a user can see
--- a/core/pkg/score/score.go
+++ b/core/pkg/score/score.go
@@ -29,7 +29,7 @@ const (

 func (su *ScoreWrapper) Calculate(reportVersion PostureReportVersion) error {
 	if reportVersion == EPostureReportV2 {
-		return su.scoreUtil.CalculatePostureReportV2(su.opaSessionObj.Report)
+		return su.scoreUtil.SetPostureReportComplianceScores(su.opaSessionObj.Report)
 	}

 	return fmt.Errorf("unsupported score calculator")
--- a/go.mod
+++ b/go.mod
@@ -19,7 +19,7 @@ require (
 	github.com/kubescape/go-git-url v0.0.24
 	github.com/kubescape/go-logger v0.0.11
 	github.com/kubescape/k8s-interface v0.0.116
-	github.com/kubescape/opa-utils v0.0.242
+	github.com/kubescape/opa-utils v0.0.243
 	github.com/kubescape/rbac-utils v0.0.20
 	github.com/kubescape/regolibrary v1.0.250
 	github.com/libgit2/git2go/v33 v33.0.9
--- a/go.sum
+++ b/go.sum
@@ -1092,8 +1092,8 @@ github.com/kubescape/go-logger v0.0.11 h1:oucpq2S7+DT7O+UclG5IrmHado/tj6+IkYf9cz
 github.com/kubescape/go-logger v0.0.11/go.mod h1:yGiKBJ2lhq/kxzY/MVYDREL9fLV3RGD6gv+UFjslaew=
 github.com/kubescape/k8s-interface v0.0.116 h1:Sn76gsMLAArc5kbHZVoRMS6QlM4mOz9Dolpym9BOul8=
 github.com/kubescape/k8s-interface v0.0.116/go.mod h1:ENpA9SkkS6E3PIT+AaMu/JGkuyE04aUamY+a7WLqsJQ=
-github.com/kubescape/opa-utils v0.0.242 h1:dxXjkUHIwIqlLpnAOfyREH8pWl8wUOHIW9oigKHl6wg=
-github.com/kubescape/opa-utils v0.0.242/go.mod h1:aaAPHjaIJDoAK6RvAcUDXrXkja0ZTy0qSfnoxkE9z34=
+github.com/kubescape/opa-utils v0.0.243 h1:LdF/sjE2xX6Y8m2pa4b9RHONhqc+P5v0/OgG7WanuFg=
+github.com/kubescape/opa-utils v0.0.243/go.mod h1:aaAPHjaIJDoAK6RvAcUDXrXkja0ZTy0qSfnoxkE9z34=
 github.com/kubescape/rbac-utils v0.0.20 h1:1MMxsCsCZ3ntDi8f9ZYYcY+K7bv50bDW5ZvnGnhMhJw=
 github.com/kubescape/rbac-utils v0.0.20/go.mod h1:t57AhSrjuNGQ+mpZWQM/hBzrCOeKBDHegFoVo4tbikQ=
 github.com/kubescape/regolibrary v1.0.250 h1:BKoH89Cex+5rsD+vn1ILxULcJ++aA/KEhV5jJ4Wgp/8=
--- a/httphandler/examples/prometheus/README.md
+++ b/httphandler/examples/prometheus/README.md
@@ -24,14 +24,14 @@

 All kubescape related metrics begin with `kubescape`

-> `riskScore` is the output of an algorithm calculating the risk of the vulnerability. `0` indicates there is no risk and `100` indicates highest risk. 
+> `complianceScore` is how compliant you are, where `100` indicates complete compliance and `0` means you are not compliant at all. 

 #### Cluster scope metrics

-##### Overall risk score
+##### Overall compliance score
 ```
-# Overall riskScore of the scan
-kubescape_cluster_riskScore{} <risk score>
+# Overall complianceScore of the scan
+kubescape_cluster_complianceScore{} <compliance score>
 ```

 ###### Overall resources counters
@@ -60,9 +60,9 @@ kubescape_cluster_count_controls_passed{} <counter>

 #### Frameworks metrics

-##### Frameworks risk score
+##### Frameworks compliance score
 ```
-kubescape_framework_riskScore{name="<framework name>"} <risk score>
+kubescape_framework_complianceScore{name="<framework name>"} <compliance score>
 ```

 ###### Frameworks resources counters
@@ -92,10 +92,10 @@ kubescape_framework_count_controls_passed{name="<framework name>"} <counter>

 #### Controls metrics

-##### Controls risk score
+##### Controls compliance score

 ```
-kubescape_control_riskScore{name="<control name>",url="<docs url>",severity="<control severity>"} <risk score>
+kubescape_control_complianceScore{name="<control name>",url="<docs url>",severity="<control severity>"} <compliance score>
 ```

 ###### Controls resources counters
--- a/httphandler/go.mod
+++ b/httphandler/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/kubescape/go-logger v0.0.11
 	github.com/kubescape/k8s-interface v0.0.116
 	github.com/kubescape/kubescape/v2 v2.0.0-00010101000000-000000000000
-	github.com/kubescape/opa-utils v0.0.242
+	github.com/kubescape/opa-utils v0.0.243
 	github.com/stretchr/testify v1.8.1
 	go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.38.0
 	go.opentelemetry.io/otel v1.12.0
--- a/httphandler/go.sum
+++ b/httphandler/go.sum
@@ -1097,8 +1097,8 @@ github.com/kubescape/go-logger v0.0.11 h1:oucpq2S7+DT7O+UclG5IrmHado/tj6+IkYf9cz
 github.com/kubescape/go-logger v0.0.11/go.mod h1:yGiKBJ2lhq/kxzY/MVYDREL9fLV3RGD6gv+UFjslaew=
 github.com/kubescape/k8s-interface v0.0.116 h1:Sn76gsMLAArc5kbHZVoRMS6QlM4mOz9Dolpym9BOul8=
 github.com/kubescape/k8s-interface v0.0.116/go.mod h1:ENpA9SkkS6E3PIT+AaMu/JGkuyE04aUamY+a7WLqsJQ=
-github.com/kubescape/opa-utils v0.0.242 h1:dxXjkUHIwIqlLpnAOfyREH8pWl8wUOHIW9oigKHl6wg=
-github.com/kubescape/opa-utils v0.0.242/go.mod h1:aaAPHjaIJDoAK6RvAcUDXrXkja0ZTy0qSfnoxkE9z34=
+github.com/kubescape/opa-utils v0.0.243 h1:LdF/sjE2xX6Y8m2pa4b9RHONhqc+P5v0/OgG7WanuFg=
+github.com/kubescape/opa-utils v0.0.243/go.mod h1:aaAPHjaIJDoAK6RvAcUDXrXkja0ZTy0qSfnoxkE9z34=
 github.com/kubescape/rbac-utils v0.0.20 h1:1MMxsCsCZ3ntDi8f9ZYYcY+K7bv50bDW5ZvnGnhMhJw=
 github.com/kubescape/rbac-utils v0.0.20/go.mod h1:t57AhSrjuNGQ+mpZWQM/hBzrCOeKBDHegFoVo4tbikQ=
 github.com/kubescape/regolibrary v1.0.250 h1:BKoH89Cex+5rsD+vn1ILxULcJ++aA/KEhV5jJ4Wgp/8=