It is possible organizations can reduce business risk by focusing on the three percent of vulnerabilities with the greatest likelihood of being exploited in the next 28 days, said officials at Tenable, Inc.
That is because a new product called Predictive Prioritization can prioritize vulnerabilities allowing the user to understand where it is most exposed to threats.
There were 16,500 new vulnerabilities disclosed in 2018 alone, of which only a small fraction was actively weaponized for cyberattacks, according to the National Vulnerability Database. These vulnerabilities, combined with the inability to identify those that pose an actual threat to the business, leaves organizations unable to effectively measure, manage and reduce risk.
The product is now available within the company’s on-premises vulnerability management offering — Tenable.sc (formerly SecurityCenter) — which is a core component of the Tenable Cyber Exposure platform.
It analyzes Tenable vulnerability data combined with third-party vulnerability data and threat intelligence across 150 data sources using a proprietary machine learning algorithm to predict the likelihood a vulnerability will be exploited in the next 28 days.
That means organizations will be able to evolve their vulnerability remediation efforts from reactive to predictive by focusing on the three percent of issues that could and likely will be exploited.
“Predictive Prioritization is a massive innovation in vulnerability management. It will change the way companies run their vulnerability management programs by giving them a new level of insight on where to focus based on threats to the business,” said Renaud Deraison, co-founder and chief technology officer (CTO).