AI-focused cybersecurity vendor Darktrace has announced the release of Newsroom, a new detection and warning system for critical vulnerabilities that uses open-source intelligence (OSINT) sources to identify threats posed to businesses. Newsroom leverages deep and AI-assisted knowledge of a customer\u2019s external attack surface to gauge its exposure to detected vulnerabilities and provides a summary of exploits, affected software and assets within the organization, Darktrace stated. It also provides vulnerability mitigation guidance specific to businesses, while early adoption has revealed insight on remote code injection flaws in Citrix Gateway\/Citrix ADC, CentOS Web Panel 7 Servers, and Zoho ManageEngine products, according to the vendor. Darktrace Newsroom is now available as part of the Darktrace PREVENT product range.Darktrace Newsroom alleviates slow, manual vulnerability detectionDarktrace Newsroom autonomously monitors threat feeds and OSINT sources for new critical vulnerabilities and publishes them on the Darktrace PREVENT dashboard, Darktrace said in a press release. This detection and summarization of flaws augments human security teams by alleviating lengthy, labor-intensive manual processes, the firm added.Traditional vulnerability management methods are typically resource intensive, involving regular monitoring of security news feeds and intelligence sources. It can take security teams significant periods of time to test and ascertain whether they are affected when a vulnerability emerges, allowing a window for attackers to breach organizations, Pieter Jansen, senior vice president of cyber innovation at Darktrace, tells CSO during a demo of the Newsroom service.\u201cSome of these things are done by some organizations already internally by enthusiastic people who like looking at news, or even whole security teams starting every morning by manually looking at Twitter and underground forums. Newsroom augments all of that. There\u2019s a 24\/7 AI-powered team behind this monitoring new sources, public news, underground news, looking at research communities, sharing what we have selected as the super critical vulnerability news so security teams have a better start to their day,\u201d Jansen says.Deep understanding of an organization\u2019s external attack surfaceA deep, unique understanding of and correlation with a customer\u2019s external attack surface is key, he adds, and is what sets Newsroom apart from other vulnerability management options. \u201cThe platform learns what an organization is like from an outside perspective without any user input, using the brand and AI evidence to build a digital DNA of the customer,\u201d Jansen states. \u201cIt knows that if there\u2019s new exposure on specific parts of the attack surface, it learns from that and identifies new or critical attack paths that could lead to compromise, telling the customer where they are exposed.\u201dUpon detection of a vulnerability relevant to the client, Newsroom sends an email alert with a list of affected assets and supports integration with most ticketing systems, raising tickets automatically with the appropriate teams\/personnel, according to Jansen. \u201cThere\u2019s a lot of value in knowing if you have vulnerable assets technology and where you need to patch, so you can then increase your monitoring around those assets to make sure they don\u2019t get breached in that timeframe.\u201dNewsroom also reevaluates historic vulnerabilities for new exploitation. Mitigation guidance links to official patch sites (if available) and sources for remediation, while customers can opt in to be notified about vulnerabilities even if they don\u2019t have any assets directly affected, something Jansen calls a \u201ctrue negative.\u201dNewsroom \u201ccuts through media noise\u201d to reveal cyber risk profileDarktrace Newsroom addresses a fundamental challenge that security leaders face today: cutting through media noise and getting to grips with the realities of their risk profile, Jim Webber, VP enterprise security and fraud management at Direct Federal Credit Union, and Newsroom early adopter, tells CSO. \u201cIf we consider that an average of four new critical vulnerabilities are released every day, and the time it takes for attackers to exploit these has shrunk to an average of 12 days, you can imagine that the race against time to understand and mitigate these threats in line with your risk profile is not something that even an army of analysts, if that luxury was afforded, can carry out alone,\u201d he says.Newsroom provides clearcut insights about the impact of new vulnerabilities in a way that is timely and bespoke to his organization, Webber adds. \u201cInstead of trawling through data logs when the next vulnerability emerges, my team can act on the insights provided. Not only that, it\u2019s also showing us the crown jewels that the AI is actively defending on our behalf in order to build trust in those decisions.\u201dOn September 29, 2022, Newsroom alerted Webber\u2019s team to the potential risk of a well-known vulnerability, he states. \u201cAfter the initial identification, it then carried out the crucial phases of vulnerability response at speed. We saw that the severity of this was high and the potential impact was high. It showed us that this was visible in our external attack surface and provided us with a list of potentially affected assets.\u201d Newsroom then sent an overview to Webber\u2019s team by email of all this including a list of potentially affected assets and a link to external resources about the threat.