To prevent cyber-exploitation, any organization requires proper intelligence and prompt action to detect and manage cyber-attacks and vulnerabilities, known as threats. Threat intelligence tends to be extracted or obtained from multiple sources, such as social media platforms, where threat information might be published in real time. In the current market for threat assessment coverage, security organizations are increasingly providing security analysis tools and services that are optimized and automated to reduce the effort needed to detect and determine threats and related vulnerabilities.
For example, a background study by Le et al. determined that security analysts perceive cyber-threat determination from social media sites as a time-consuming task, because of which responses to such threats might be delayed. The study therefore explored the importance of a Twitter-based automatic threat intelligence gathering framework that uses a novelty detection model. This framework permitted the automated gathering of network parameters such as security vulnerabilities, IP addresses, and information about hackers to execute arbitrary commands.
On the other hand, looking at real-world examples of automated security analysis tools and services, a small Ireland-based cyber-security company provides consultancy services that involve analysis of open-source threat intelligence to develop a “security scorecard”, particularly for internet-based digital platforms like websites. The company uses a paid-for SaaS known as Black Kite for threat detection. The threat detection and assessment report forms the basis for determining customer risks and ways of remediating them. However, failure to determine a security vulnerability leads to failure in executing the remediation plan.
Given users’ limited skills in security technology, detailed and critical insight is also required into the efficacy of automated threat detection mechanisms for minimizing the effort and time invested in the entire threat assessment coverage procedure. Organizations must conduct early and effortless threat assessments so that they can respond in a timely and effective way and keep their data and assets secure from attack.
Therefore, it is essential to conduct the present study to examine the extent to which automated and optimized security analysis tools are effective in increasing threat assessment coverage with the least possible effort and time. The Black Kite service enables non-intrusive assessments that gather data from publicly available sources, and it contextualizes and evaluates that data to potentially convert it into threat intelligence.
There is an opportunity to use highly permissive vulnerability scanning to conduct a detailed assessment, which might complement the findings of the Black Kite service. It is also observed that various customers currently use CMS applications such as WordPress that are not approved for vulnerability management by the Black Kite service. This might be seen as an opportunity to add vulnerability detection features using tools such as WPScan or similar services.
Paid-for security services such as Black Kite provide detailed risk ratings by risk category as well as rich, high-quality reporting, while free tools such as WPScan provide robust control over the execution of the threat intelligence process but lack the capability to deliver rich reporting.