Imbalance between proactive and reactive cybersecurity
NIST Cybersecurity Framework (aka Framework for Improving Critical Infrastructure Cybersecurity) is an excellent resource for all organizations. There are 3 components to the framework as below: Core – Provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand. Tiers – These implementation Tiers help assist organizations by providing […]
Improving efficacy of AI/ML model to predict exploitability score for vulnerabilities
In an earlier blog, I talked about how machine learning can help predict exploitability score for a vulnerability. In this blog, I will elaborate on some of the finer aspects before comparing with an alternative means available. From a machine learning angle, it is important to identify & include relevant features and use a balanced […]
Introducing Attenu8 platform to predict exploitability score for vulnerability to aid in prioritization
In InfoSec stress is a given, especially given that the InfoSec team needs to be right every time while bad actors need to be right only once. Vulnerability scanners overwhelm InfoSec teams, since these tools spew out a torrent of vulnerabilities. The whole scanning paradigm has outlived its value, but more about in a separate […]
Malware prediction
Data Science and commercially available AI/ML implementations now make it possible to predict whether a vulnerability can be weaponized into malware. This could be a critical moment in cybersecurity as it allows vulnerability management to be truly proactive and reduces the remediation workload. But why bother with this? And even if we did, how could […]
Need for machine curated vulnerability intelligence
It is my pleasure to share this blog article authored by Rohit Ghai, who we are fortunate to have as our advisor. Rohit is renowned in the industry and he currently serves as President, RSA Security. Recruiting machines to fight the vulnerability crisis A central pillar in any cyber resilience strategy is the idea of […]
Weekly Reserved CVE Actionable Insights ( June 23rd 2019 )
What are reserved CVE’s ? Reserved CVE’s are NVD records for confirmed vulnerabilities with little to no information. In most cases there is no information available. ThreatWatch’s prediction model, “Coeus“ goes through all the related information about these CVE like attack vector type, social chatter and vendor advisories, and arrives at a CVSS vector and […]
Machine Learning (ML) powered vulnerability scoring for better prioritization
Most organizations face challenges with prioritizing risk from a new vulnerability or threat. At times, late breaking threats do not provide a severity assessment. The standard way to identify the key characteristics of a threat is using CVSS (Common Vulnerability Scoring System). CVSS provides a Vector (based on key dimensions / attributes of the threat […]