Hackuity Launches ‘WatchBot’ to Automate and Simplify CVE Monitoring
January 2024 by Marc Jacob
Hackuity announced the launch of ‘WatchBot’, the latest addition to its next generation platform, designed to further improve the detection and remediation of security threats. WatchBot automates the process of identifying Common Vulnerabilities and Exposures (CVEs) – a list of publicly disclosed security flaws – which pose the most risk to an organisation’s specific attack surface.
The launch is designed to help security teams prioritise vulnerabilities at a time when they must monitor and manage an ever-growing number of CVEs. In 2023 alone, more than 29,000 vulnerabilities were disclosed. With WatchBot, security teams can select the parameters through which to filter the alerts on vulnerabilities and retrieve only those matching their specific criteria and the technologies they manage. When a new CVE matches the monitored technologies and filters defined in the WatchBot, it is added to the current list of CVEs, enabling security teams to put remediation into action.
This empowers IT teams to manage their time and resources more effectively and to fix systems before attackers can exploit them. It provides instant alerts of vulnerabilities that normal scanning processes might miss and allows teams to focus only on the severe and exploitable vulnerabilities.
WatchBot fully automates the process of CVE monitoring based on technologies within an organisation’s IT estate, which can be defined by vendor, product, version, and more. Technologies can be monitored, and filters set, according to three different factors: ‘all versions’, ‘specific versions’, or ranges of technology versions.
Any CVEs affecting these monitored technologies can be filtered using criteria including a Common Vulnerability Scoring System (CVSS) base score, exploitability, threat intensity, exploit maturity, the exploit prediction scoring system (EPSS), and CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
Each time WatchBot identifies a new CVE that matches the criteria set, an alert is sent to a tailored distribution list via the user’s preferred channel such as email, Slack, or Teams.
WatchBot is available to all existing customers of Hackuity’s Risk-Based Vulnerability Management platform.