Thinking About Vulnerability Management

Written By Ross Francis

Over the last year or two, AI has been in the news almost every day. With the headlines ranging from AI usage in the arts, through to the use of AI to assist with cheating in exams, or development of malware tools, there has been palpable anxiety around what this means for the working future of the population. The AIs being discussed are not usually Artificial General Intelligence, but rather more focussed LLMs (Large Language Models) designed for specific functions, trained through the input of large amounts of data. A subset of LLMs are known as GPTs (Generative Pretrained Transformers), which can read huge amounts of text, then see patterns in how words and phrases relate to each other. This makes predictions about what words should come next, forming impressively stylised and detailed passages of text based on inputted briefs. Because of this focussed approach, there are many arenas in which LLMs can make positive, valuable contributions in reducing workloads and improving efficiencies, from medicine through to development of computer technologies.

One key area is vulnerability management. In the ever-expanding digital landscape, there are currently more than 200,000 vulnerabilities detected, with about 10% of this number detected in the last year - and this is increasing at an exponential rate. The challenge with managing and handling vulnerabilities is ever-growing, requiring significant manpower simply to keep up with the published vulnerabilities, let alone the zero-day vulnerabilities.

For most vulnerability management solutions, the assessment and detection of the vulnerabilities is dealt with by one team, and the remediation of the vulnerabilities by another. For some clients this works well, and this standalone MVS service is something that Vambrace offer. Our SOC are able to add in valuable Threat Intelligence and context to each vulnerability identified, enabling clients to tackle critical vulnerabilities effectively. With vuln_GPT, Vicarius has trained an LLM to generate scripts to remediate the vulnerabilities. This could be through removing a file, closing a port, disabling a protocol, or initiating a compensating control. These scripts can easily be deployed, and made effective in a matter of minutes through the Vicarius vRx solution. These are all strategies that can provide a sturdy and reliable fix while vendors work on releasing a patch, or while security teams test one in a lab environment. Additionally, because vuln_GPT works without human intervention, it also makes vulnerability detection and remediation faster and more cost effective, without the need for large research teams or highly skilled security engineers, saving time and money


All of the scripts generated by vuln_GPT will be available to anyone, free of charge, in vSociety. https://www.vicarius.io/vsociety/

Ross Francis
Next

Ransomware deemed as the number one cyber threat for businesses in the UK