Aggregator
.NET: a tool that collects data from 6 browsers
.NET security primer: AV-evasion namespaces/classes/identifiers
Pai Morning News: Windows 11 Recall public beta to begin in October; Oray (贝锐) launches its own operating system OrayOS
Xinchuang and cryptographic-assessment scenarios: using unified identity to rein in the "weak password" problem
Tech Enthusiast Weekly (Issue 314): Can "Black Myth: Wukong" be industrialized?
Ransomware Running Wild in the Cloud
How we improved vulnerability prioritization with machine learning
It’s easy to find vulnerabilities. It’s harder to prioritize and fix them.
So far in 2024, there has been an average of over 110 CVEs disclosed per day. Compounded with all the vulnerabilities disclosed in the last two decades, security teams are faced with triaging thousands and thousands of vulnerabilities and deciding which ones need to be fixed first.
Vulnerability prioritization remains a critical challenge for security teams—but machine learning offers solutions to lessen the burden of analysis.
The right vulnerability prioritization strategy to employ depends on the nature of your business, your tech architecture, and more. Given all the different prioritization criteria we hear from customers, we set out to build Dazz Priority Scores, which we announced earlier this year.
Dazz Priority Scores uses context such as issue exploitability, exposure, severity, business impact, and root causes to help customers quickly identify the most critical issues to fix out of potentially thousands discovered by their detection tools. By using Dazz Priority Scores, customers reduce the backlog of vulnerabilities that need to be further analyzed by an order of magnitude.
The magic behind Dazz Priority Scores
The Dazz Unified Remediation Platform uses machine learning to continually assess a customer’s risk landscape. To calculate a Priority Score, the Dazz platform considers the following factors:
- Business context: taking into account which applications, data, and infrastructure resources are impacted by specific vulnerabilities
- Risk context: assessing the vulnerability severity, exploitability, and threat intelligence available for any vulnerability
- Environment context: understanding where the vulnerability originates, what’s impacted downstream, and what remediation and mitigation steps are available
Given these factors, Dazz calculates “sub scores” which can be bucketed into:
- Risk scores
- Asset scores
- Remediation scores
Let’s take a look at each.
Risk scores
Risk scores assess all factors of a given vulnerability. To start, Dazz considers the severity from the source detection tool of a vulnerability. If a vulnerability has been seen by multiple sources, customers can apply their own logic to normalize a severity rating.
On top of severity, Dazz considers exploitability data from CISA KEV, EPSS, and other threat intelligence sources. Finally, Dazz takes into account customer-defined SLAs. If a vulnerability has breached its SLA date set by the customer, the risk weighting will be greater.
Asset scores
Asset scores take into account the business context of applications, data, and infrastructure resources associated with any vulnerability. By ingesting data from CMDBs, directories, and other platforms, Dazz automatically correlates vulnerabilities with business context. Dazz Business Units allows customers to enrich the correlation of vulnerabilities and auto-assign certain owners depending on the resources impacted by any vulnerability.
Dazz can also glean other characteristics about vulnerabilities to weight them as a greater risk, like whether they impact internet-facing resources or applications through reachable code.
Remediation score → effort to fix
The final element of Dazz Priority Scores considers remediation actions. This is often one of the most sought-after elements that customers haven’t been able to attain before using Dazz. By determining the root cause of vulnerabilities, Dazz understands the relative effort required to fix them. Dazz can also outline the best remediation and mitigation options available, highlighting which will be most effective given the environmental context of the vulnerability.
Furthermore, Dazz can understand when multiple vulnerabilities stem from the same root cause. The concept here is that vulnerabilities that share a root cause may be weighted higher since the risk reduced upon remediation is far greater than a single vulnerability in isolation.
Putting it all together
Dazz Priority Scores = weighted asset risk score + weighted risk score + weighted remediation score.
Scores are calculated on a scale of 0-100 for each finding, with 100 being the highest score. Customers can understand which factors contributed to any score, and customize weights according to what makes the most sense to their business.
Since machine learning underpins the model, Dazz Priority Scores get better and better as they are applied to billions of vulnerabilities across our customer base.
If you’d like to learn more about Dazz Priority Scores and try it for yourself, contact us today.
The post How we improved vulnerability prioritization with machine learning appeared first on Security Boulevard.
[webapps] Calibre-web 0.6.21 - Stored XSS
[webapps] Helpdeskz v2.0.2 - Stored XSS
Indie Developer Monetization Weekly (Issue 146): An influencer analytics tool earning $8,000 a month
A cyberattack hit US oil giant Halliburton
Hackers are exploiting critical bug in LiteSpeed Cache plugin
PREVIEW RSI Podcast - Google blocks the ad blocker that blocks ads; iPhone, alternative app stores arrive, but only in the EU
Qilin ransomware now steals credentials from Chrome browsers
The Growing Challenge of Headless Browser Attacks: How to Defend Your Digital Assets
In the escalating battle against malicious headless bots, basic detection methods are no longer sufficient. As cybercriminals refine their techniques and leverage headless browsers to automate attacks with increasing sophistication, the need for advanced detection strategies has never been more critical. This blog post dives into the world of headless browsers, exploring how they are […]
The post The Growing Challenge of Headless Browser Attacks: How to Defend Your Digital Assets appeared first on Security Boulevard.