Invicti has announced its new AI-enabled Predictive Risk Scoring capability. The feature assigns predicted risk to applications and helps organisations gain a view of their overall application security risk.
Predictive Risk Scoring allows organisations to determine which web applications should be scanned first and proactively prioritise remediation efforts. This new capability remaps the application security testing process to profile and calculate a risk score on all discovered web applications—before any scanning begins.
Risk management and prioritisation are ongoing challenges in application security with the high volume of vulnerabilities that are discovered across web applications and APIs. While vulnerability severity helps order which vulnerabilities might require attention over others, there’s still a lack of information around exploitability and risk.
“Everyone working in cybersecurity needs to work faster, with more confidence that they are doing the right thing to protect their organisations. This new advancement in AppSec testing helps make that a reality,” said Neil Roseman, the CEO at Invicti. “CISOs can now look at their application attack surface using a risk-based approach, guaranteeing that their AppSec programme is focusing efforts in the right areas.”
Predictive Risk Scoring addresses the gap in vulnerability severity information by applying an AI model on discovered assets and calculating a risk score from a set of 220 parameters with a minimum 83% confidence level. Among the many advantages from this innovation, no scanning resources are required and no customer data is needed to assess the risk score.
“Protecting applications is crucial for companies of all sizes, but it’s challenging with the complexity and noise in the application security market, amplified with the adoption of AI. Now more than ever, security teams need to prioritise their efforts to address the riskiest issues, with speed and scale.” said Melinda Marks, the practice director, cybersecurity at ESG. “Risk-based prioritisation can help organisations best deploy their resources and optimise efficiency to secure their environments to support business growth.”
Predictive Risk Scoring is currently available to Invicti customers using both Acunetix and Invicti (formerly Netsparker) product lines.
Comment on this article via X: @IoTNow_