CyberGRX has added a Predictive Data tool to the Exchange platform’s Attack Scenario Analytics feature. Customers can use CyberGRX’s predictive risk intelligence capabilities, which have up to 91% accuracy, to assess the level of risk posed by a third party against the 13 key security categories established by the MITRE ATT&CK framework.
Fred Kneip, CEO of CyberGRX “Our assessment database continues to grow every day, because we have developed a standardized assessment that has been used by over 12,000 companies. Currently, we have extensive third-party cyber risk data available on over 225,000 companies, allowing CyberGRX to serve as a one-stop-shop for threat and risk analytics. We want to continue to give customers the tools to be efficient and secure, without the extra work, which is what makes the Predictive Data revolutionary.
With Predictive Data, we are able to uncover areas of risk that may have gone unreported and provide a path forward with remediation.”
This enables organizations to identify outliers that will necessitate additional assessments to ensure they meet their security standards.
The MITRE ATT&CK framework is possibly the most extensive, in-depth, organized, and well-supported base of adversarial behavior. Using this framework, an organization can examine its security controls to identify gaps in its defenses.
While Attack Scenario Analytics compares a third party’s attested data to MITRE framework categories, Predictive Data uses CyberGRX’s predictive data to provide a similar level of visibility on any third party in your portfolio without requiring an assessment.
The following advantages are provided by CyberGRX’s Attack Scenario Analytics:
- Map to the widely used threat hunting analysis framework in the cybersecurity industry.
- Using MITRE techniques to create kill chains/use cases, you can uncover gaps that would otherwise go unreported.
- Integrate CyberGRX results with internal risk and threat management programs.
- Improve third-party relationships by presenting credible risk findings as well as suggested defense mechanisms and mitigation strategies.
- Improve third-party attack detection, monitoring, and response.
This enhancement to the Attack Scenario Analytics feature now provides a single platform for stakeholders, cyber defenders, and vendors to view and communicate on the exact nature of a threat as well as an objective assessment of the cyber defense plan that can defeat it.