Cybersecurity company Detectify has released a new product called Alfred that uses AI to completely autonomously source, prioritise, and generate high-fidelity security tests for the CVEs that are most likely to be exploited.
There are more than 100 new CVEs published daily and a growing number of vulnerabilities not covered by the CVE system. Security teams must ensure they are testing for the latest issues and identifying and prioritising the threats that pose actual risks to their systems.
Traditional automated scanners often worsen this issue by adding new security tests relying on slow manual searches for publicly available CVE tests, generating excessive noise through signature-based testing rather than actual exploitability, and missing CVE-less vulnerabilities, such as misconfigurations.
Detectify Alfred utilises large language models to autonomously obtain CVE threat intelligence from a wide range of trusted security intelligence sources. It prioritises CVE vulnerabilities based on their likelihood of being exploited using the Exploit Prediction Scoring System framework. Next, the system scrapes the web for publicly available proofs-of-concept for each CVE, generating a payload-based exploit that is added as a security test to the Detectify platform after a quality assurance check is performed by a researcher. Detectify only builds tests for relevant CVEs that can be validated with its proven payload-based approach, which emulates real-world exploits and dramatically reduces false positives.
Detectify Alfred serves as an additional source of security research, complementing the insights from the Detectify crowdsource community of ethical hackers and internal security research experts. By fully automating the identification and creation process of CVE-based assessments, Detectify security research forces can dedicate more resources to address advanced and novel threats, particularly those hiding beyond CVEs, delivering greater value to customers.
“We’re tapping the power of AI to leverage the ultimate use of this technology, creating a sleepless ethical hacker who is autonomously collecting threat intelligence, prioritising vulnerabilities, and building payload-based security tests,” said Detectify CEO Rickard Carlsson.
After the release of Alfred, Detectify customers can now benefit from faster and broader access to test for likely exploitable CVEs. Detectify Alfred’s AI-built assessments are now being rolled out to all surface monitoring and application scanning customers.
