Darktrace’s Newsroom Speeds Vulnerability Management, Mitigation


Darktrace, a cyber security artificial intelligence specialist, has unwrapped its new Newsroom platform, which enables organizations to monitor open-source intelligence sources to detect critical vulnerabilities and assess their cyber exposure and risk.

The feature can also provide mitigation advice and offer a summary of exploits, affected software and assets within an organization, Darktrace said. Newsroom is part of the company’s Prevent product family launched last summer.

Quickly Understanding New Critical Vulnerabilities

According to a Darktrace data sheet: “Newsroom helps you quickly understand the impact of new, critical vulnerabilities on your organization. It alleviates the pain from managing a vulnerability response process by informing you of newly discovered critical vulnerabilities and supporting timely mitigations to prevent exploits.”

Traditionally, security teams needed longer periods of time to work out whether they were affected when a vulnerability became public, leaving a window for aggressive attackers to breach their organizations, sometimes within hours. According to Darktrace, however, Newsroom has already given early adopters critical insights on several emerging vulnerabilities in real-world cases, such as:

  • An unauthenticated RCE vulnerability found in Citrix Gateway and Citrix ADC. This would allow attackers to remotely execute commands to place malware or other malicious code on a computer or network without any need for input from the victim.
  • An RCE flaw found in CentOS Web Panel 7 servers, which are often used in shadow IT, that allows attackers to execute malicious commands during the login process.
  • An unauthenticated remote code execution vulnerability affecting almost all Zoho ManageEngine products, which is a blind spot for most organizations. In the worst-case scenario, attackers could use this vulnerability to gain complete control of the system running the product, pivot to other systems in the organization, dump credentials and deploy ransomware.

Carrying Out Timely Mitigation

A hacker exploiting any one of these vulnerabilities can successfully execute a data breach, Darktrace said. But insights provided by the Newsroom product enabled the security teams to understand, within an average of two and a half hours, whether and where on their attack surface those vulnerabilities were likely to surface. As a result, these organizations were able to carry out timely mitigation actions and prevent any exploits, Darktrace said.

Commenting on the release, Pieter Jansen, Darktrace senior vice president of cyber innovation, said:

"Against the backdrop of rapidly expanding attack surfaces and rising numbers of new, critical vulnerabilities, Newsroom is a vital component in a security team's arsenal of proactive capabilities. When news of a vulnerability hits, security leaders need to know how it affects them specifically before their CISO, or the Board, demands answers. This latest innovation shows our continued commitment to augmenting human capabilities by combining the intelligence of always-on, self-learning AI with the unique skills of human security teams."

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.