Page 397 - Kaleidoscope Academic Conference Proceedings 2024

CONVERGING VULNERABILITY INSIGHTS: UNIFYING VULNERABILITY INTELLIGENCE FOR ENHANCED APPLICATION SECURITY WITH COLLABORATION




Aparna Khare
National Informatics Centre



ABSTRACT

The cyber threat landscape is ever evolving, and as technologies advance and grow, so do the vulnerabilities in software technologies, programming languages and software development frameworks. There is an imperative need to be able to preemptively counter emerging threats in software and applications, standalone or otherwise. There are several vulnerability intelligence tools and services available in the market; however, they suffer from a single common drawback: the vulnerability intelligence they present depends on selective and even proprietary feeds of information. With software technology that is largely driven by community efforts, a much better solution is to present the vulnerability intelligence from the community driven vulnerability databases themselves. Furthermore, vulnerability intelligence can also be utilized in the field of cyber forensics. Forensic investigators require a sound foundational knowledge of vulnerability insights and attack vectors to understand how an attack or an incident might have occurred. This paper presents a web-based vulnerability intelligence platform that can effectively leverage the OSV database, NVD, CAPEC and CWE to present a more comprehensive, community driven vulnerability intelligence that can not only help organizations in their vulnerability management efforts but also help cyber forensic analysts in getting relevant information about known attack methods in real time.

Keywords – Cyber Security, Open-Source Vulnerability Databases, Software Vulnerability Intelligence, Vulnerability Data Aggregation, Vulnerability Database Standardization, Vulnerability Intelligence Collaboration, Vulnerability Intelligence Platform, Vulnerability Prioritization

1. INTRODUCTION

A vulnerability database, sometimes also referred to as a vulnerability database repository, is a structured collection of information about newly discovered and known vulnerabilities present within system software, application software, and other computing systems. Vulnerability databases enable organizations and security professionals to identify, prioritize, and address vulnerabilities efficiently so that appropriate measures can be taken against cyber security threats. They are foundational in providing the necessary intelligence to organizations for proactive vulnerability management, which is of critical importance in the realm of cyber security. This is because the vulnerabilities within software and systems, if they are left unaddressed, can expose the organizations and online services to a plethora of risks such as data breaches and service disruptions that can severely impact the confidentiality, integrity, and availability of the assets involved [1].

While several organizations maintain their own proprietary vulnerability repositories for intelligence, when these are required to be availed by other organizations, they may impose a financial burden in terms of licenses and may also very well be inaccurate owing to delays in updating with respect to continually discovered vulnerabilities. Community driven open-source vulnerability databases that are backed by organizations/communities solely focused on maintaining the database are often regularly updated, depending on the ecosystem of contributors. These continuously updated databases, if they can be converged under a common standardized format and a common access platform, can prove to be extremely fruitful when considering the holistic picture for enhancing security. Further, active options for collaboration would ensure that the converged system stays updated and of use to the community.

2. KEY TERMS

The key terms used in this paper are described as below:

2.1 Vulnerability

In the context of cyber security, a vulnerability, also referred to as a security vulnerability, is a flaw or weakness present in an information system, security procedures, internal controls, or implementation which can be exploited or triggered by a potential threat source [2].

2.2 Vulnerability intelligence

Vulnerability intelligence involves the systematic acquisition and comprehension of potential weaknesses in computer systems and software.
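The Introduction argues for converging community databases such as OSV and NVD under one common standardized format. The following is an added illustration, not code from the paper's platform, of what such a convergence step looks like: two constructed records (one OSV-style advisory, one NVD-style CVE entry, loosely modelled on those public JSON layouts, which is an assumption here) are folded into a single unified record keyed by CVE identifier, with the CWE link that a forensic analyst would pivot on. All identifiers and the package name are placeholders.

```python
import json
from dataclasses import dataclass, field, asdict
from typing import Optional

# Constructed sample records, loosely modelled on the public OSV and NVD 2.0 JSON
# layouts (an assumption of this example); IDs and package names are placeholders.
OSV_FEED = [{
    "id": "GHSA-xxxx-xxxx-xxxx", "aliases": ["CVE-0000-00001"],
    "summary": "Placeholder XSS in example-lib",
    "affected": [{"package": {"ecosystem": "PyPI", "name": "example-lib"},
                  "ranges": [{"type": "ECOSYSTEM",
                              "events": [{"introduced": "0"}, {"fixed": "2.3.1"}]}]}],
}]
NVD_FEED = [{"cve": {
    "id": "CVE-0000-00001",
    "descriptions": [{"lang": "en", "value": "Placeholder XSS in example-lib"}],
    "metrics": {"cvssMetricV31": [{"cvssData": {"baseScore": 6.1, "baseSeverity": "MEDIUM"}}]},
    "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}]}],
}}]

@dataclass
class UnifiedVuln:
    """Common schema every source is normalised into, keyed by CVE id."""
    cve_id: str
    sources: list = field(default_factory=list)
    summary: str = ""
    cvss_score: Optional[float] = None
    severity: str = "UNKNOWN"
    cwe_ids: list = field(default_factory=list)
    affected: list = field(default_factory=list)  # dicts: ecosystem, package, fixed

def merge_feeds(osv_feed, nvd_feed):
    """Fold OSV and NVD records into one UnifiedVuln per CVE identifier."""
    index = {}
    def entry(cve):
        return index.setdefault(cve, UnifiedVuln(cve_id=cve))
    for rec in osv_feed:
        # OSV ids (e.g. GHSA-...) are linked to CVEs through the aliases list.
        for cve in (a for a in rec.get("aliases", []) if a.startswith("CVE-")):
            u = entry(cve)
            u.sources.append("OSV:" + rec["id"])
            u.summary = u.summary or rec.get("summary", "")
            for aff in rec.get("affected", []):
                fixed = [e["fixed"] for r in aff.get("ranges", []) for e in r["events"] if "fixed" in e]
                u.affected.append({"ecosystem": aff["package"]["ecosystem"],
                                   "package": aff["package"]["name"], "fixed": fixed[0] if fixed else None})
    for rec in nvd_feed:
        cve = rec["cve"]
        u = entry(cve["id"])
        u.sources.append("NVD")
        u.summary = u.summary or next((d["value"] for d in cve.get("descriptions", []) if d["lang"] == "en"), "")
        for m in cve.get("metrics", {}).get("cvssMetricV31", []):  # NVD carries the CVSS score
            u.cvss_score, u.severity = m["cvssData"]["baseScore"], m["cvssData"]["baseSeverity"]
        for w in cve.get("weaknesses", []):  # CWE ids are the pivot into CWE/CAPEC data
            u.cwe_ids += [d["value"] for d in w["description"] if d["value"].startswith("CWE-")]
    return index

if __name__ == "__main__":
    print(json.dumps({k: asdict(v) for k, v in merge_feeds(OSV_FEED, NVD_FEED).items()}, indent=2))
```

A record that appears in only one feed still yields a unified entry, with the missing fields left at their defaults, so gaps between sources are visible rather than silently dropped.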





          978-92-61-39091-4/CFP2268P @ITU 2024            – 353 –                                     Kaleidoscope