Predicting Exploitability - Forecasts for Vulnerability Management

Explore predictive models for vulnerability management in this 42-minute RSA Conference talk. Learn how to forecast which vulnerabilities are likely to be exploited using open-source data and machine learning. Discover the speaker's 90% accurate model for predicting exploitability on the day a vulnerability is released. Gain insights into evaluating machine learning models in the context of vulnerabilities and exploits, selecting appropriate models, and asking the right questions. Witness live forecasts and understand the future of data-driven security. Delve into topics such as CVSS, positive predictive value of remediation, and the role of AWS ML in vulnerability prediction. Examine various models, including the "Highly Likely" and "Most Likely" approaches, and understand how to measure their performance. Explore the importance of patches, affected software, and vulnerability prevalence in predicting exploitability. Gain valuable takeaways on leveraging machine learning for more effective vulnerability management and staying ahead of fast-moving attackers.

RSAConference 2018
3 Types of Data-Driven
THE PROBLEM
Retrospective Model: CVSS
Real-Time - The Data
Positive Predictive Value of Remediating
FUTURE OF DATA PAST
EXPLOITABILITY
Learning Machine Learning
The Future
Enter: AWS ML
All Models
Predictive - The Expectations
Baseline
LMGTFY
Moar Simple?
Measuring Performance
Patches
Affected Software
Words!
Vulnerability Prevalence
Model 6: "Highly Likely"
Future Work
Takeaways
Machine Learning = ROBOT Unicorns + Rainbows
The Takeaway
Putting It All Together
Model 6: "Most Likely"
Attackers Are Fast