Kenna Security, the risk-based vulnerability management company, has unveiled its latest tool to boost companies’ digital defences.
The firm has collaborated with security researchers and data scientist to create the Exploit Prediction Scoring System (EPSS). The system is a free and open model that uses 16 variables to predict the likelihood of a vulnerability being exploited.
In other words, it enables the companies using the system to better understand the risks they will face in the future.
“With this new system backed by data science, we can stop the massive impact of the next BlueKeep or WannaCry,” said Michael Roytman, chief data scientist at Kenna Security. “Just like we’ve seen in weather forecasting or disease control, data science has reached a level of sophistication that allows us to make predictions on cyber risk and give security teams the information they need to protect data and systems.”
Kenna Security argued that the new tool has several advantages to the classic Common Vulnerability Scoring System (CVSS) most businesses use to assess risks.
The company stated that while the CVSS is common, it is subjective or differentiate whether or not a software is used by millions of users or just one company.
The news comes over a year after Kenna Security secured a $25m Series C funding round. It closed the round in March 2018. The startup was supported by venture capital firm Bessemer Venture Partners, which led the round.
US Venture Partners, Costanoa Ventures, PeakSpan Capital, Hyde Park Angels and OurCrowd also participated.
Copyright © 2018 RegTech Analyst