Delve Labs, the vulnerability management solution leveraging machine learning to automate vulnerability management scanning and prioritization, has released a free, public vulnerability threat feed that identifies newly-published vulnerabilities that are likely to have an exploit published in the near future, and also identifies vulnerabilities that are closely related to security topics trending in the community.
A key element of Delve’s intelligent vulnerability management solution is its machine-learning Contextual Prioritization, which evaluates 40-plus factors for each vulnerability on an enterprise network, numbering all vulnerabilities from 1 ton in order of remediation priority, giving IT and security teams a clear order for their remediation activities.
Two of those 40-plus factors are 1) whether or not a vulnerability is likely to have an exploit published for it when none exist at the current time, and 2) whether topics closely related to the vulnerability are trending in security community discussions or dark web forums.
Delve is taking these two factors directly from its VM solution and making the results free for all.
“It’s popular now to equate the likelihood a vulnerability will be exploited with remediation prioritization, but it’s only a part of the equation,” noted Serge-Olivier Paquette, Delve’s Lead AI Researcher.
“With this threat intelligence feed, we’re making public less than 5% of the data we use to prioritize each vulnerability, not only to be good citizens of the information security community, but also to demonstrate how important it is to view prioritization in context. Potential exploitability is a useful element of prioritization, but it’s not a panacea.”
The Delve threat intelligence feed pulls the latest vulnerabilities from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD), and applies its proprietary, machine learning-based Exploit Publication Predictor (EPP) engine to each new vulnerability, publishing the results on Delve Labs’ new threat intelligence webpage.
The feed lists the new vulnerabilities published by NIST in the past 30 days most likely to have an exploit developed, and is updated daily.
In addition, the Delve prioritization engine consumes data on ongoing conversations on social media, dark web sources, and other information security discussion boards, extracts popular topics, and then identifies vulnerabilities most closely related to those trending topics.
Recent vulnerabilities with the highest VTS (Vulnerability Trending Score) are also listed on the Delve threat intelligence page.