
Risk

12/10/2020
02:45 PM
Dark Reading
Products and Releases

ThreatConnect Releases Risk Quantifier 5.0

ARLINGTON, Va. -- ThreatConnect Inc.®, the leader in reducing complexity and enabling better decision making in cybersecurity, today released ThreatConnect Risk Quantifier™ 5.0 (RQ 5.0), continuing its innovation in the emerging field of cyber risk quantification.

ThreatConnect Risk Quantifier™ (RQ – formerly Nehemiah Risk Quantifier) enables the identification of the risks that matter most to the organization by quantifying them based on potential financial and operational impact, unifying security and the business to a common goal. This quantification relies on generally accepted risk models such as the popular Factor Analysis of Information Risk (FAIR) model, among others. It is also established in part by, and continuously informed by, your internal environment, threat intelligence, vulnerability management, operations and response data found within ThreatConnect and other integrations. RQ is distinctly different from other approaches offered in the market as it focuses on automation and data integration, and delivers value in days and weeks as opposed to months and years.

Companies cannot effectively prioritize vulnerabilities using risk scores alone. Effective prioritization requires an understanding of the impact an unmitigated vulnerability could have on the business. By quantifying risk based on possible losses from business interruption and response, vulnerability exposure can be linked directly to the business services that are affected. With RQ 5.0, security professionals for the first time have a way to understand the potential financial risk that Common Vulnerabilities and Exposures (CVEs) introduce to an organization and to prioritize those CVEs that could lead to the greatest financial loss if an attacker succeeds. RQ 5.0 takes into account existing technical scoring methods, including CVSS scores, and uses that data as a weighting for the financial impact.

“This is an important capability that businesses have been demanding and that other vendors cannot address,” said ThreatConnect Vice President of Cyber Risk Strategy Gerald Caponera. “Now, through integration with your vulnerability management software, we are able to help organizations handle the flood of CVEs they get every day and prioritize them based on the quantified financial risk each introduces to the specific business - ultimately bringing relevancy and focus to the security team.”

RQ 5.0 also introduces support for multiple security control frameworks, including the NIST Cybersecurity Framework and the Center for Internet Security Controls. Now customers can have their prioritized recommendations based on the framework of their choice.

“Businesses also need a way to identify gaps in their program and the risk those gaps represent to the organization,” Caponera said. “With RQ 5.0 they can show the business solid numbers that support a prioritized list of recommendations based on the framework of their choice and their organization’s tolerance for financial risk by application.”

Another new feature of RQ 5.0 is a ‘what-if’ impact analysis tool that allows security leaders to model changes to application security control levels in a sandbox environment. Running the models enables security leaders to show the C-suite how increasing investment in security controls can lower the annualized loss expectancy (ALE) stemming from the organization’s highest-priority risks.
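The two ideas the release describes, ranking CVEs by quantified financial loss with the CVSS score acting as a weight, and a what-if comparison of annualized loss expectancy before and after a control change, can be illustrated with the textbook ALE = ARO × SLE relation. The example below is added here for illustration and is not ThreatConnect's code or its actual risk model; the CVE ids, service names, dollar figures, base occurrence rates and the control-effectiveness table are all constructed sample values, and the linear CVSS-to-likelihood weighting is an assumption chosen for the example.

```python
"""Added illustration of ALE-based CVE prioritisation and a 'what-if' control change.
Not ThreatConnect's algorithm; every number, CVE id, service name and the
control-effectiveness table below is constructed for the example."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Finding:
    cve: str          # constructed placeholder id, not a real CVE
    cvss: float       # CVSS base score, 0.0-10.0
    service: str      # business service the vulnerable asset supports
    sle: float        # single loss expectancy (USD): interruption + response cost
    base_aro: float   # assumed annual rate of occurrence with no controls in place


# Assumed mapping from a 0-4 control maturity level to the fraction of
# loss-event likelihood that level removes.
CONTROL_EFFECTIVENESS = {0: 0.0, 1: 0.25, 2: 0.50, 3: 0.75, 4: 0.90}


def likelihood_weight(cvss: float) -> float:
    """Use the CVSS base score as a 0-1 weight on likelihood (assumed linear scaling)."""
    if not 0.0 <= cvss <= 10.0:
        raise ValueError(f"CVSS score out of range: {cvss}")
    return cvss / 10.0


def annualized_loss(f: Finding, control_level: int) -> float:
    """ALE = ARO x SLE, with ARO scaled by the CVSS weight and the control level."""
    aro = f.base_aro * likelihood_weight(f.cvss) * (1.0 - CONTROL_EFFECTIVENESS[control_level])
    return aro * f.sle


def prioritize(findings: List[Finding], controls: Dict[str, int]) -> List[Tuple[str, float]]:
    """Rank findings by ALE, highest first, using each service's current control level."""
    ranked = [(f.cve, annualized_loss(f, controls[f.service])) for f in findings]
    return sorted(ranked, key=lambda pair: pair[1], reverse=True)


def what_if(findings: List[Finding], current: Dict[str, int],
            proposed: Dict[str, int]) -> Tuple[float, float]:
    """Total ALE under the current control levels versus a proposed set of levels."""
    now = sum(annualized_loss(f, current[f.service]) for f in findings)
    then = sum(annualized_loss(f, proposed[f.service]) for f in findings)
    return now, then


# Constructed sample data: a high-severity CVE on a revenue-critical service,
# a high-severity CVE on a low-value internal service, and a medium-severity
# CVE on the revenue-critical service.
SAMPLE_FINDINGS = [
    Finding("CVE-0000-0001", 9.8, "payments", 500_000.0, 0.5),
    Finding("CVE-0000-0002", 7.5, "intranet-wiki", 20_000.0, 2.0),
    Finding("CVE-0000-0003", 5.3, "payments", 500_000.0, 0.4),
]
CURRENT_CONTROLS = {"payments": 1, "intranet-wiki": 0}
PROPOSED_CONTROLS = {"payments": 3, "intranet-wiki": 0}   # what-if: harden payments

if __name__ == "__main__":
    for cve, ale in prioritize(SAMPLE_FINDINGS, CURRENT_CONTROLS):
        print(f"{cve}: ALE ${ale:,.0f}")
    now, then = what_if(SAMPLE_FINDINGS, CURRENT_CONTROLS, PROPOSED_CONTROLS)
    print(f"what-if: ${now:,.0f} -> ${then:,.0f} (reduction ${now - then:,.0f})")
```

Note how the medium-severity finding on the payments service outranks the higher-CVSS finding on the wiki once loss magnitude is included, which is the point the release makes about severity scores alone being insufficient for prioritization; the what-if comparison then shows the ALE reduction that raising the payments control level would buy.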

Using a risk-led approach to cybersecurity makes prioritization easy for security teams, enabling them to filter out noise and focus on what matters most. With cyber risk quantification (CRQ), threat intelligence platform (TIP) and security orchestration, automation and response (SOAR) capabilities combined, ThreatConnect unifies the actions of the security team around the most critical risks, supports their response with streamlined and automated workflows, and strengthens the entire security ecosystem through technology integrations.

Additional details of the release are outlined in a new blog post and video available on the ThreatConnect web site.
