Newsroom uses AI-assisted knowledge of a customer’s external attack surface to measure exposure to detected vulnerabilities and provides a summary of exploits, affected software and assets.

Credit: Adam Le Sommer

AI-focused cybersecurity vendor Darktrace has announced the release of Newsroom, a new detection and warning system for critical vulnerabilities that uses open-source intelligence (OSINT) sources to identify threats posed to businesses. Newsroom leverages deep and AI-assisted knowledge of a customer’s external attack surface to gauge its exposure to detected vulnerabilities and provides a summary of exploits, affected software and assets within the organization, Darktrace stated. It also provides vulnerability mitigation guidance specific to businesses, while early adoption has revealed insight on remote code injection flaws in Citrix Gateway/Citrix ADC, CentOS Web Panel 7 Servers, and Zoho ManageEngine products, according to the vendor. Darktrace Newsroom is now available as part of the Darktrace PREVENT product range.

Darktrace Newsroom alleviates slow, manual vulnerability detection

Darktrace Newsroom autonomously monitors threat feeds and OSINT sources for new critical vulnerabilities and publishes them on the Darktrace PREVENT dashboard, Darktrace said in a press release. This detection and summarization of flaws augments human security teams by alleviating lengthy, labor-intensive manual processes, the firm added.

Traditional vulnerability management methods are typically resource intensive, involving regular monitoring of security news feeds and intelligence sources.
It can take security teams significant periods of time to test and ascertain whether they are affected when a vulnerability emerges, allowing a window for attackers to breach organizations, Pieter Jansen, senior vice president of cyber innovation at Darktrace, tells CSO during a demo of the Newsroom service.

“Some of these things are done by some organizations already internally by enthusiastic people who like looking at news, or even whole security teams starting every morning by manually looking at Twitter and underground forums. Newsroom augments all of that. There’s a 24/7 AI-powered team behind this monitoring new sources, public news, underground news, looking at research communities, sharing what we have selected as the super critical vulnerability news so security teams have a better start to their day,” Jansen says.

Deep understanding of an organization’s external attack surface

A deep, unique understanding of and correlation with a customer’s external attack surface is key, he adds, and is what sets Newsroom apart from other vulnerability management options. “The platform learns what an organization is like from an outside perspective without any user input, using the brand and AI evidence to build a digital DNA of the customer,” Jansen states. “It knows that if there’s new exposure on specific parts of the attack surface, it learns from that and identifies new or critical attack paths that could lead to compromise, telling the customer where they are exposed.”

Upon detection of a vulnerability relevant to the client, Newsroom sends an email alert with a list of affected assets and supports integration with most ticketing systems, raising tickets automatically with the appropriate teams/personnel, according to Jansen.
“There’s a lot of value in knowing if you have vulnerable assets technology and where you need to patch, so you can then increase your monitoring around those assets to make sure they don’t get breached in that timeframe.”

Newsroom also reevaluates historic vulnerabilities for new exploitation. Mitigation guidance links to official patch sites (if available) and sources for remediation, while customers can opt in to be notified about vulnerabilities even if they don’t have any assets directly affected, something Jansen calls a “true negative.”

Newsroom “cuts through media noise” to reveal cyber risk profile

Darktrace Newsroom addresses a fundamental challenge that security leaders face today: cutting through media noise and getting to grips with the realities of their risk profile, Jim Webber, VP enterprise security and fraud management at Direct Federal Credit Union, and Newsroom early adopter, tells CSO. “If we consider that an average of four new critical vulnerabilities are released every day, and the time it takes for attackers to exploit these has shrunk to an average of 12 days, you can imagine that the race against time to understand and mitigate these threats in line with your risk profile is not something that even an army of analysts, if that luxury was afforded, can carry out alone,” he says.

Newsroom provides clearcut insights about the impact of new vulnerabilities in a way that is timely and bespoke to his organization, Webber adds. “Instead of trawling through data logs when the next vulnerability emerges, my team can act on the insights provided. Not only that, it’s also showing us the crown jewels that the AI is actively defending on our behalf in order to build trust in those decisions.”

On September 29, 2022, Newsroom alerted Webber’s team to the potential risk of a well-known vulnerability, he states. “After the initial identification, it then carried out the crucial phases of vulnerability response at speed.
We saw that the severity of this was high and the potential impact was high. It showed us that this was visible in our external attack surface and provided us with a list of potentially affected assets.”

Newsroom then emailed Webber’s team an overview of all this, including a list of potentially affected assets and a link to external resources about the threat.