The phrases machine studying (ML) and synthetic intelligence (AI) are means overused phrases in our trade. Each vendor appears to have the newest and best ML/AI resolution to resolve your safety downside. However whenever you actually dig into the maths, there are mathematical fashions that may really assist us. So why don’t we deal with the specifics?
A variety of it has to do with advertising. Each vendor needs to have the newest and best resolution, regardless if it really works and even solves an issue. It additionally fuels new markets by the analysts to attempt to embrace these new options and attempt to completely different the previous market with the brand new market. Assume I’m exaggerating? Let’s talk about a market close to and expensive to my coronary heart, Vulnerability Administration.
Everyone knows this market fairly nicely, however let’s take a look at it’s historical past…. Vulnerability Evaluation turn out to be Vulnerability Administration, as we realized it was a course of, not a scan. We embraced the widespread vulnerability scoring system (CVSS) to assist us prioritize vulnerabilities, however it wasn’t sufficient. Then we launched Risk and Vulnerability Administration (TVM), as threats would assist us prioritize vulnerabilities, however it nonetheless missed the mark. Now it’s about Danger-based Vulnerability Administration, as we perceive that asset criticality is a vital a part of the prioritization of vulnerabilities. However most distributors nonetheless depend on CVSS as the premise for the rating…
Michael Roytman from Kenna Safety joined Paul’s Safety Weekly to debate the constraints of CVSS and why mathematical fashions are significantly better at predicting outcomes to handle the broad concern of non-targeted assaults. These mathematical fashions are the inspiration of Kenna Safety’s Danger-based Vulnerability Administration resolution. Kenna Safety’s options leverage real-time risk intelligence and unmatched information science to point out you the precise danger of each vulnerability, so you’ll be able to focus assets on those who matter.
To get a deep dive into the maths behind Kenna Safety, watch the interview on Paul’s Safety Weekly right here, to construct your risk-based vulnerability administration program, watch their current on-demand webcast right here, or go to securityweekly.com/kennasecurity for extra data.