Kenna Security granted patent for machine learning methods used to predict exploits

Nov 7, 2018

Share with Your Network

SAN FRANCISCO, Calif., November 7, 2018

Ed Bellis, CTO at Kenna Security

“Today’s security landscape necessitates the implementation of machine learning tools that can pull in numerous sources of contextual threat data to prioritize and predict risk for an individual organization. This patent demonstrates Kenna’s leadership in the vulnerability management space, and our unique position to provide organizations with truly predictive and actionable intelligence on the threats that are most dangerous to their environment.”

News Summary

Kenna Security, a leader in predictive cyber risk, today announced that it has been granted a patent for its groundbreaking use of machine learning to predict which cybersecurity exploits will become weaponized. The patent recognizes Kenna’s use of machine learning to predict, at the moment a vulnerability is released, if an exploit will follow, and whether or not that exploit will be used in an attack.

Kenna’s exploit prediction methods leverage Kenna Cyber Risk Context Technologies™, which use machine learning to score vulnerabilities according to which pose the greatest threat to an organization. Kenna exploit prediction methods have delivered twice the efficiency, one-third of the false positives, and better coverage with half the effort of a strategy that relies on remediating every vulnerability with a CVSS score of 7 or above. Kenna Exploit Prediction was first made available on the Kenna Security Platform in the first quarter of 2018 to all Kenna Security customers.

“Other attempts to model the development of exploits have relied too heavily on narrow data sets from in-house sources,” continued Bellis. “One of the key strengths of Kenna’s platform is that it works with data from several sources, which has rapidly increased the speed and quality of observations used in training data for machine learning and the resulting predictive insights.”

Enterprise networks typically contain far more vulnerabilities than their security teams can address. Just 0.6 percent of known vulnerabilities are ever exploited in the wild. Unfortunately, security teams do not have a quantitative, data-driven approach to understanding which vulnerabilities pose the most risk of being exploited. Thus, they choose which vulnerabilities to patch according to methods that don’t correspond to their risk. The Kenna Security Platform uses advanced algorithms on threat and exploit data to prioritize the riskiest vulnerabilities and displays it with an intuitive user interface that scores the risk across the organization according to department, assets, and other granular groupings.

The risk scores provide a quantifiable metric with which security teams can communicate their level of risk and trends in cybersecurity over time.

Supporting Quotes

Michael Roytman, Chief Data Scientist, Kenna Security

“Risk does not come from a vulnerability. It comes from attackers using it – so we can give enterprises the tools they need to get ahead of attackers, and attacks themselves, which is the value of our approach.”

Additional Resources

About Kenna Security

Kenna Security is a leader in predictive cyber risk. The Kenna Security Platform enables organizations to work cross-functionally to determine and remediate cyber risks. Kenna leverages Cyber Risk Context Technology™ to track and predict real-world exploitations, focusing security teams on what matters most. Headquartered in San Francisco, Kenna counts among its customers many Fortune 100 companies and serves nearly every major vertical.


Media & Analyst Contact:
Matt McLoughlin
Gregory FCA for Kenna Security
Phone: 610-228-2123

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.