Some would argue that the very term is an oxymoron. But there’s no question about what an essential aspect of cybersecurity it is – or what an ever-growing challenge it is.
The problem is that there are simply more vulnerabilities than companies can realistically expect to patch. And while solutions such as CVSS scores can help you identify the vulnerabilities that are theoretically the most dangerous, the conventional approach to vulnerability management doesn’t do much to help cybersecurity teams identify those vulnerabilities that present the most urgent risk in the real world.
The AI-powered DVE Score offers a new and more effective approach to vulnerability management by evaluating the probability that a given vulnerability will be exploited in the next 90 days. By automatically analyzing Cybersixgill’s unmatched collection of cyber threat intelligence from sources on the deep, dark, and clear web, the DVE Score considers threat actors’ intent when determining the risk level posed by a given vulnerability. This way, the DVE Score – unlike the relatively static CVSS scores – empowers cybersecurity teams to prioritize those vulnerabilities most likely to lead to a cyberattack in the near future.
Providing Easy Access to Threat Intelligence from the Cybercrime Underground
This new integration comes following the integration of Cybersixgill’s Darkfeed solution with Swimlane earlier this year. That step made it easy for Swimlane customers to take advantage of our collection of threat intelligence from the deep, dark, and clear web in order to stay updated on major cyber risks. Now, with the expansion of our work with Swimlane, these customers can bring that same innovative approach to threat intelligence to the world of vulnerability management.
Why is this approach to threat intel such a game changer? At its core is the realization that the dark web is the go-to channel for threat actors looking to communicate, collaborate, and transact anonymously – making it a valuable source of details on their future plans.
The goods and services sold on dark web markets often include products stolen in previous cyberattacks, tools to be used in future cyberattacks, and products that were acquired in previous attacks in order to be sold and used to facilitate future cyberattacks. Meanwhile, threat actors also use dark web forums to communicate and gather information, leaving footprints that can point to their future plans. As a result, it is common for evidence of planned cybercrimes to appear on the dark web well before it can be found by conventional cyber threat intelligence tools (such as telemetry-based solutions).
By bringing the value of cyber threat intel from the deep, dark, and clear web (combined with the power, scalability, and convenience of automation) to the realm of vulnerability management, the DVE Score offers a system of prioritizing vulnerabilities that reflects the real-world risk that they pose at any given time. As we noted in a recent whitepaper exploring how the DVE Score works, this approach gives organizations the insights they need to identify an urgent vulnerability – even if other threat intel tools have dismissed that vulnerability as irrelevant or obsolete.
In other words, the DVE Score makes it easy for cybersecurity teams to know exactly which vulnerabilities they need to patch next.
And given the time and resources that go into implementing patches – as well as the breakneck pace at which new vulnerabilities and patches are publicized – that information can be the key to making vulnerability management, well, manageable.