A new way to save the day: harnessing threat actor’s intent to revolutionize vulnerability management

 

159,824. As of writing this post, this is the number of known vulnerabilities and exposures. And the number is growing fast. Today’s security organizations cannot effectively manage the huge amount of data points they need to digest when managing CVEs. Vulnerability management teams are trapped in a constant game of whack a-mole trying to prioritize remediation. The current methodologies are not working because:

  1. Despite the overwhelming number of vulnerabilities, only 1 out of 16 is exploited
  2. Most CVEs are exploited in the first few days while today’s approach scores them on average after a week
  3. Honeypots and extrapolation-based solutions are only effective after attacks have already happened

 

This widespread problem is the reason that today we at Cybersixgill are excited to announce the launch of our newest feature: the Dynamic Vulnerability Exploit (DVE) Score – a major step forward for our concept of Continuous Investigation/Continuous Protection. Using machine learning and automatic, real-time analysis of threat intelligence, the DVE Score measures and quantifies the risk posed by specific cybersecurity vulnerabilities. This way, cybersecurity professionals can easily identify their most imminent risks, enabling them to prioritize these threats and respond proactively.

The DVE Score can be consumed as a feed, via Cybersixgill’s Investigative Portal, or through an API, and it can be seamlessly integrated with TIP, SIEM, SOAR, and VM platforms..

 

How does the DVE Score offer unmatched insight into which vulnerabilities should be prioritized? 

In contrast to the widely used CVSS scoring system, the Cybersixgill DVE Score evaluates the likelihood that a given vulnerability will be exploited in the near future (up to 90 days) – and not only the severity of an attack that could take place if the vulnerability is actually exploited. In addition, the DVE score is automatically recalculated on a daily basis, keeping it constantly up-to-date.

Most importantly, DVE Score factors in valuable cyber threat intelligence. Its analysis taps into the deep and dark web chatter, critical intel sources such as code repositories, social media, closed forums and other sources. With the largest collection of vulnerability-related cyber threat intelligence on the market, Cybersixgill is uniquely positioned to provide insights into these vulnerabilities – insights that help ensure the reliability of the DVE Score. 

In addition to numerical scores for specific vulnerabilities, the DVE can provide an audit-trail, providing an explanation on which any given score is based. Lastly, the DVE score provides a timeline and event log of related dark web chatter, as well as (when applicable) POC codes written by hackers to exploit this vulnerability. This approach offers cybersecurity professionals visibility into the rationale of the DVE algorithm and its reasoning behind every score. It is also a great tool to back/explain decisions and make the case for addressing specific vulnerabilities. 

Sixgill's DVE rating is the only solution that provides proper context while automatically predicting the probability of a CVE being exploited. Just as cyber security matures and evolves, so is vulnerability management - and the DVE Score is the engine that propels it forward.

 

For more on the launch of the Cybersixgill Dynamic Vulnerability Exploit (DVE) Score, check out our press release