The integration of threat intelligence which will help to identify and eliminate the latest high risk vulnerabilities in enterprises has been announced by Secureworks. The threat intelligence feeds from their counter threat unit (CTU) into vulnerability detection and response (VDR). While threat actors use advanced tactics, techniques, and procedures to identify vulnerabilities, security teams are forced to fall back on simple severity scores to prioritise threats. Now with VDR, security administrators will reduce the danger of being overwhelmed by the sheer volume of vulnerabilities and the difficulties of integrating related information. VDR intelligently prioritises vulnerabilities to reduce remediation efforts by assessing 50 factors across organisations, assets, and networks. This now includes CTU curated threats intelligence to drive prioritisation.
Each factor acts as a virtual expert with specific knowledge that feeds the artificial intelligence engine of VDR. By integrating CTU threat intelligence, the need to manually correlate it with vulnerability data is eliminated saving vital time and effort to speed remediation. The CTU performs more than 1,400 incident responses and 2,500 adversarial testing engagements each year and monitors 246 threat groups globally. Continuous asset discovery, identification, vulnerability scanning, and prioritisation accelerates remediation by focusing on the vulnerabilities that pose the greatest threats to the organisation.
“High-performing IT security teams know that a best practice for vulnerability management is integrating vulnerability scanning with threat feeds to accurately estimate risk,” Craig Robinson, program director at IDC, said. “Without that extra level of intelligence, IT teams are presented with the impossible challenge of addressing every vulnerability, working with the right partner allows companies to do more with less, a necessity as companies face challenges such as a shortage of skilled talent and attacks that are increasing in volume and sophistication.”
In applying advanced machine learning to prioritisation, the VDR surfaces serious security issues that might otherwise be missed, such as a vulnerability that has a low criticality score but attacks a high-value asset with direct access to other vulnerable high-value assets. Security teams can focus remediation efforts on the vulnerabilities that truly present the greatest threats to their organisation.
“With Secureworks Taegis, we are continually integrating our years of deep security expertise and current understanding of the threat with the latest advancements in software engineering and data science,” Steve Fulton, chief product officer at Secureworks, said. “The VDR, unlike traditional vulnerability management systems, provides a risk-based approach that combines continuous scan data and threat intelligence with the power of machine learning, saving security professionals hours of manual work analysing, integrating, and utilising the data required to keep a company’s IT infrastructure secure.”