# Risk Level ### Risk Level The **Risk Level** (RL) is a quantitative metric that assesses the current **exposure** to software supply chain attacks. It evaluates the ***security posture*** of the DevOps system based on scans conducted by the Xygeni platform. In the [Dashboard](https://docs.xygeni.io/xygeni-web-ui-overview#xygeni-web-ui), the **Risk Level** is displayed alongside its variation in relation to the current baseline of projects. The Risk Level is quantified on a scale from 0 to 100, with 100 indicating the highest level of risk. This measure is determined by the issues identified within a project. If no issues are detected, the Risk Level is rated as 0. The RL is qualified in three categories that make more evident how good or bad is the risk for the organization. Each category is encoded with a color following the "semaphore" scheme: * **Low**: RL between 0 and 33, green color. * **Moderate**: RL between 33 and 66, yellow color. * **High**: RL between 66 and 100, blood-red color.