Critical Watch launched its ACI Recommendation Engine which consolidates multiple disparate data points into a unified view of risks. It’s designed to help close the gap between detection and protection by linking risk assessment with active mitigation.
“There’s a lot that goes into building a system that can reliably and accurately recommend countermeasures based on raw risk data that comes from different types of scanners with varying data models,” noted Mike Curtis, vice president of technology strategy at Critical Watch.
“Then to make that recommendation logic and functionality work in a common way across various vendors in disparate countermeasure categories is extremely challenging. This ground-breaking technology can change how the industry approaches the challenge of security intelligence going forward,” he added.
The ACI Recommendation Engine leverages the work of the Critical Watch Basecamp Labs research team. Part the recommendation logic leverages standards including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE) and Common Attack Pattern Enumeration and Classification (CAPEC) to factor in a standards-based perspective.
The ACI Recommendation Engine identifies risk across your systems and recommends the optimal countermeasures, allowing semi and fully automated workflow to initiate the countermeasure process.
This proactive approach integrates seamlessly across third-party security management tools such as security information and event management (SIEM) solutions, reducing the need for manual involvement and improving response time in mitigating risks.