Vulnerability exploitation is the most common attack vector for cybercriminals. For example, IBM’s XForce estimates that more than a third of all cyberattacks in 2021 used vulnerability exploitation as the initial means of infiltration. To remediate these threats and reduce risk, security teams need to know their vulnerabilities, the probability of exploitation, and the level of risk each exposure poses to the organization.
Today, we are raising the bar on vulnerability prioritization with our new Dynamic Vulnerability Exploit (DVE) Intelligence, combining automation, advanced analytics, and rich vulnerability exploit intelligence to address all phases of the Common Vulnerabilities and Exposures (CVE) lifecycle.
DVE Intelligence includes substantial updates to our previous DVE score offering. DVE has evolved from a risk-scoring model to a comprehensive solution with new features and functionalities.
DVE Intelligence does not depend on external data sources like cybersecurity risk databases and registers. Instead, it harnesses Cybersixgill’s best-in-market collection of cyber threat intelligence, extracted and enriched in real-time from the clear, deep, and dark web. DVE Intelligence supports all stages of the threat exposure lifecycle, with precise intelligence on the vulnerability of an organization’s assets, threat context, and the adversarial mindset – dramatically accelerating the mean time to remediate through five steps:
- Attack surface scanning for specific assets, products (CPEs), and CVEs – The DVE interface enables customers to efficiently identify and scope the particular CVEs, and Common Platform Enumeration (CPEs) that could expose the organization to attack.
- Automated mapping of product versions (CPEs) to relevant CVEs – CPE to CVE matching is critical to reducing false positives/negatives, allowing teams to focus only on those vulnerabilities that directly affect their existing IT assets and infrastructures.
- Mapping of CVEs to MITRE ATT&CK framework – By mapping CVEs to MITRE ATT&CK tactics and techniques, DVE Intelligence provides vital insight into the higher-level objectives of the attacker, as well as the likely method and potential impact of exploitation.
- Complete intelligence context – DVE Intelligence delivers comprehensive context collected on threat actors and their discourse, exploit kits, attribution to malware, APT, and ransomware. Cybersixgill also provides a continuously-updating risk score that reflects a real-time likelihood that a vulnerability will be used over the next 90 days.
- Delivery of remediation instructions – DVE Intelligence continuously monitors vendor sites and MITRE CVE records, presenting comprehensive remediation information, education and links directly within the DVE interface, dramatically reducing the mean time to remediate.
How DVE Intelligence Benefits You
DVE Intelligence is highly customizable and flexible. It can be integrated into your unique security infrastructure. DVE data can be consumed through the Cybersixgill SaaS Investigative Portal, via API integration, or through an intelligence feed.
DVE Intelligence delivers the earliest possible warning of risk. Dynamic and preemptive, Cybersixgill’s DVE Intelligence has often identified and scored high-severity CVEs well before the Natural Vulnerability Database had even assigned it a CVSS severity rating.
Cybersixgill’s DVE Intelligence benefits are easily quantifiable: it’s fast, precise, and consolidated. In addition, it will hone in on the vulnerabilities that pose the most significant risk to your organization, rationalizing your security stack with a single source of truth.