Malware exploitable vulnerabilities – Addressing the root cause

Jul 24, 2017
Michael Roytman

Today, we’re excited to announce our partnership with ReversingLabs, a leader in the world of malware research and analysis. Using metadata about malware samples submitted to ReversingLabs, and focusing on the subset of malware for which we know the exploit that was used, we can start to treat the root cause of the problem. We do this in two ways: by notifying every Kenna Security user about all vulnerabilities that are exploited by malware (now available as a new Facet in our dashboard), and by measuring the volume and velocity of exploitation by this malware and incorporating that into our risk scores.

Why is this important? I’ll let the data do the talking.

Of the 8 trillion successful exploitations over the past  years, 46,266,667 are attributed to 28,540 different malware samples which ReversingLabs has analyzed. Keep in mind that these are only the ones we know about; other effective variants of the same malware families are also generating incidents. In the endpoint protection and incident response worlds, this is a great deal of work: one has to keep track of all the hashes, update signatures and rulesets on devices, and conduct follow-up investigations. And even if you treat the pain of those 28,540 malware variants and feel the associated comfort, the root cause is still there. Put differently, let’s start treating the cause:

The chart above shows the breakdown of those 28,540 malware samples by the vulnerability that the malware uses in order to propagate. The color, ranging from green to blue, shows the vulnerabilities which have resulted in the greatest number of successful exploitations over the past 4 years.

A few insights become immediately apparent:

First, 299 CVEs are responsible for 44 million attacks. In the incident response paradigm, you can deal with 44 million attacks by monitoring and remediating around 30,000 malware samples, and watch as those samples mutate and generate new strains. Or you can remediate 299 CVEs and never worry about those strains again. Kenna Security’s new partnership with ReversingLabs will let you easily identify those vulnerabilities in your environment, and if they’re high-risk vulnerabilities, we’ll supply you with the MD5, SHA1 and SHA256 hashes to clean up the current infections. Root cause, addressed.

Second, and more interestingly, if those 299 CVEs are looked at through the lens of the risk meter (that is, through the lens of volume and velocity of successful exploitation), one can easily see that only a handful of them are responsible for over 90% of the successful exploitations (remediate blue above first, then move on to the rest). This kind of granular prioritization is what can make managing millions of incidents and tens of thousands of strains of malware less painful.

Learn more about our exciting Malware Exploitable feature from our 2-minute demo video.

Also, if you are attending Black Hat, visit our booth #1768 to learn more about our new Malware Exploitable feature in person.
