Tenable Inc has announced Predictive Prioritisation is now generally available within Tenable.io — its cloud-based vulnerability management platform and a core component of the Tenable Cyber Exposure platform. Predictive Prioritisation is an innovation for solving the vulnerability prioritisation problem, enabling organisations to dramatically improve their remediation efforts by focusing on the three per cent of vulnerabilities that are most likely to be exploited.
Attempting to prioritise vulnerabilities with CVSS (Common Vulnerability Scoring System) alone presents significant limitations. According to the National Vulnerability Database, there were 16,500 new vulnerabilities disclosed in 2018 alone, but only a small subset had a public exploit available and even fewer were actually leveraged by attackers. However, the majority of vulnerabilities scored through CVSS are rated ‘high’ or ‘critical.’ This creates an overload of high-priority vulnerabilities and one of the most difficult challenges organisations face today
Predictive Prioritisation addresses this industry-wide problem by re-prioritizing vulnerabilities based on the probability they willbe leveraged in an attack. Tenable.io now automatically displays a Vulnerability Priority Rating (VPR) that indicates the remediation priority of each flaw, along with VPR Key Drivers, which provide enhanced context into how scores are calculated. Both features are dynamic and change with the threat landscape, arming security teams with actionable insight into their true level of business risk.
“The release of Predictive Prioritization across Tenable’s Cyber Exposure platform is the latest phase of our mission to redefine vulnerability management for the digital era. We’re helping customers solve one of the most difficult challenges in the industry today. Predictive Prioritization flips the advantage back to cyber defenders by telling them where they’re exposed, to what extent and which vulnerabilities to focus on first. These are all critical components of an effective Cyber Exposure strategy, “said Renaud Deraison, Co-Founder and Chief Technology Officer, Tenable.