You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to determine vulnerability risk prioritization, a vulnerability detection engine will need to detect, and prioritize exploits used within known threat actor profiles, and analyze them within SDOs.
Current Workaround
None
Proposed Solution
OpenCTI can leverage SDO to detect vulnerabilities mapped to specific benign cyber defender IT Infrastructure. Additionally, a CTI analyst can create SDOs that analyze vulnerabilities propagated from malicious actor C&C, or IT Infrastructure
The key features provided within ThreatMapper that could benefit OpenCTI is as follows:
Rank Vulnerabilities by Risk-of-Exploit: ThreatMapper ranks discovered vulnerabilities against CVSS and other severity scores, exploit method and proximity to attack surface, in order to identify which issues pose the greatest risk of exploit.
If the feature request is approved, would you be willing to submit a PR?
Yes, I would need assistance as this feature enhancement will require consultation with both OpenCTI and ThreatMapper.
The text was updated successfully, but these errors were encountered:
Use case
In order to determine vulnerability risk prioritization, a vulnerability detection engine will need to detect, and prioritize exploits used within known threat actor profiles, and analyze them within SDOs.
Current Workaround
None
Proposed Solution
OpenCTI can leverage SDO to detect vulnerabilities mapped to specific benign cyber defender IT Infrastructure. Additionally, a CTI analyst can create SDOs that analyze vulnerabilities propagated from malicious actor C&C, or IT Infrastructure
Additional Information
https://github.com/deepfence/ThreatMapper
Request on LinkedIN
https://venturebeat.com/2021/10/13/deepfence-open-sources-threatmapper-to-find-and-rank-software-vulnerabilities/
The key features provided within ThreatMapper that could benefit OpenCTI is as follows:
Rank Vulnerabilities by Risk-of-Exploit: ThreatMapper ranks discovered vulnerabilities against CVSS and other severity scores, exploit method and proximity to attack surface, in order to identify which issues pose the greatest risk of exploit.
If the feature request is approved, would you be willing to submit a PR?
Yes, I would need assistance as this feature enhancement will require consultation with both OpenCTI and ThreatMapper.
The text was updated successfully, but these errors were encountered: