Predict the immediate risks of a vulnerability based on threat actors’ intent.
Leverage best in class collection
Gain unmatched visibility
Get real-time predictions
Prioritize faster
Chris Roberts, vCISO & Researcher
The Dynamic Vulnerability Exploit Score (DVE) transforms your vulnerability prioritization with exceptional accuracy, adding an essential layer of context based on actors’ intent. Due to the most comprehensive deep and dark web threat intelligence collection, you get real-time visibility and understanding of the vulnerabilities that interest threat actors the most. DVE’s contextual vulnerability intelligence is stunningly comprehensive and accurate. The audit trail provides the rationale behind the score, including POC exploit codes for zero day vulnerabilities – so you can understand and make better decisions – even for vulnerabilities with no CVSS rating. Smart tags and filtering allow you to quickly and easily investigate, enrich and integrate it with your remediation processes and methodologies.
Consume IOCs and threats from vulnerabilities, directly and easily inside your security platform (machine-to-machine)
Supercharge your security/VM platform with real-time contextual data on IOCs and CVEs
Receive automated early warnings of new malware threats and new CVE’s, even before NVD scored it
Level-up vulnerability prioritization, patching cadence, and threat hunting for malicious IOCs
Better understand the vulnerabilities’ lifecycle, malware TTPs and trends
– Global threat intelligence lead
Each CVE that has been scored is backed by an audit-trail, explaining the DVE’s reasoning for the score. This audit-trail gives security teams visibility into the objective evidence powering the prioritization of the vulnerability. This insight makes it easier to justify actions to peers and superiors within their organization while providing visibility and governance like never before.
The Cybersixgill DVE Score is derived from automated AI analysis of underground discourse on deep and dark web forums and is combined with intelligence from other sources, such as code repositories and technical know-how. This empowers you to track threats from CVEs that most others define as irrelevant or obsolete and have a higher probability of being exploited by active threat actors in the cyber underground.
Cybersixgill’s proprietary technology provides a complementary approach to NVD’s static CVSS score, adding a much-needed dimension of probability. It ultimately helps you answer that critical question: how likely will this CVE be exploited in the near future?
Automatically gain access to remediation information for each vulnerability directly from NVD, MITRE and other vendor sites.
Receive a full intelligence picture of the vulnerability, complete with context – including a comprehensive audit trail of the data we have collected on the actors and their discourse, exploit kits, attribution to malware, APT and ransomware. This includes a score of the likelihood a vulnerability will be exploited over the next 90 days, hours after the CVE is first published. Unlike CVSS, this score is continually updated in real-time in response to the threat intelligence we gather.
Map vulnerabilities to MITRE ATT&CK framework to anticipate how, when or why criminals will exploit each vulnerability, listing the CVEs used in the context of each technique to assess the risk to your organization and prioritize remediation efforts.
Accurately match organizational CPEs identified in step 1 to specific, related vulnerabilities (CVEs) to determine which vulnerabilities are exposing your systems to attack.
Discover and scope the relevant organizational assets (ie. CPEs) and vulnerabilities (ie CVEs) or identify specific CPEs and CVEs that are of interest.