2023-06-06
The 2023 Vulnerabilities and Threat Trends by PRIOn report (mid-year update)
Automates the enrichment and the analysis of CVEs. The triage phase makes the examination of a vulnerability fast, comprehensive and easy. It reduces human workload, it saves money and it provides comprehensive information about a vulnerability itself.
Automates the prioritization of the identified vulnerabilities. It provides an actionable quantifiable risk score for each vulnerability. Internal teams will be able, by utilizing PRIOn score and data, to develop a proper remediation plan on focusing into which vulnerabilities must be fixed first.
Collects contextualized intelligence information from a dozen of external sources. Exploitability, exploited in the wild, media & news trends and threat actors activity artifacts are collected in order to determine which vulnerability poses the most significant threat.
Gains further insights from a vulnerability under examination, by linking a CVE description with various cyber security classification taxonomy frameworks, including MITRE ATT&CK (Impact), CAPEC (Attack Pattern), CWE (Weakness), OWASP TOP10 (Impact) and DISA STIG (Technical Guide) respectively. Predictive technology is used by utilizing deep learning techniques with a confirmed 96% accuracy rate.
A vulnerability type is determined so teams can know the type of the vulnerability, e.g. remote code execution, denial of service etc, without needing to go through the entire CVE description. Again a predictive technology is used by utilizing deep learning techniques with a confirmed 82% accuracy rate.
Supports REST API, which exposes a number of endpoints providing access, programmatically, to PRIOn crunched data. Teams are able to consume those data and integrate them with their existing internal cyber security tools such as SIEM, SOAR etc.
Current vulnerability management cycle is broken. Existing tooling and reports from security consultants simply provide an enormous list of findings with indicative scoring which are left to the hands of IT/SecOps teams to triage manually. Prioritization as done today requires information from multiple sources that add up to the effort and are prone to error and misinterpretation. Collaboration between stakeholders is difficult.
PRIOn SaaS platform re-frames, accelerates and simplifies the current problematic vulnerability management workflow. We provide a single pane of glass of the overall cyber-security risk exposure. The platform ingests vulnerability, threat intelligence and environmental data, including asset management information, and provides a true risk based priority score. Integration with collaboration tools helps disseminate information to stakeholders and streamline the whole process.
We’re picking the brains of our Vulnerability PRIOritization Technology
to bring you an up-to-date list of the Top Vulnerabilities to watch out for on your environment.
|
CVE
|
Affects
|
Type
|
PRIOn Score
|
|---|---|---|---|
|
F5/BigIP
|
Authentication Bypass
|
99
|
|
|
Microsoft/Windows
|
Remote Code Execution
|
98
|
|
|
VMWare
|
Template Injection
|
96
|
|
|
Apache/APISIX
|
Authentication Bypass
|
96
|
|
|
Zibra/Collaboration
|
Directory Traversal
|
96
|
|
|
Atlassian/Confluence
|
OGNL Injection
|
95
|
|
|
Spring WebFlux
|
Remote Code Execution
|
95
|
|
|
Microsoft/MS Exchange
|
Remote Code Execution
|
94
|
|
|
Microsoft/MS Exchange
|
Remote Code Execution
|
94
|
|
|
Google/Chrome
|
Heap Overflow
|
94
|
As a fully transparent company, here’s our progress so far.
Coding Started
In Spring 2022 we started development of our backend data pool and core data handlers
MVP Released
We showed our community the minimum viable product and gathered actionable feedback
Knowledge Base Public
Commercial API Access
Our second product is open for Business. The B2B API component is available for integration by security-aware corporations and vendors
Our B2B API can support every integration possible with your systems and processes.
From our Free Knowledge Base access to a custom integrated API for Vendors or Corporations, we stand ready to prioritize and assist with credible Security info.
Our Security Researchers are always on the lookout and inform you for the latest developments both here at PRIOn and the Global Cyber Security landscape.
The 2023 Vulnerabilities and Threat Trends by PRIOn report (mid-year update)
In this blog post we will walk you through the most notable, detected and widely exploited vulnerabilities of 2022 In…
While using KB’s front-end is quick and easy, to get the most value you can use the REST API that…
Our dedicated team is always just one eMail away
We will discuss to find your exact needs and evaluate what we can do to help.
Our dedicated team will design a custom made proposal that suits your needs.
The complete solution as drafted on the previous steps is delivered to you.
