Vicarius launched vuln_GPT, an LLM trained to generate remediation scripts for software vulnerabilities, in the race to find and fix vulnerabilities faster than hackers.
The vuln_GPT engine will be freely offered within vsociety, Vicarius’ social community for security researchers. vuln_GPT scripts can then easily be deployed as part of its vRx solution that allows instant remediation of vulnerabilities.
In the ever-evolving digital landscape, there are currently 200,000 vulnerabilities detected in total, with ten percent (10%) discovered in the last year, and the number is increasing at an exponential pace. Manually identifying and handling zero-days is a heavy burden, requiring significant daily manpower. In the recent MOVEit vulnerability example, almost 60 days after the first vulnerability was identified, a quarter of the affected organizations still remain vulnerable. The advent of the latest AI-driven cyber threats, such as WormGPT, makes it even harder to detect and block these threats.
When it comes to vulnerability management solutions, legacy vendors lean heavily on the assessment and detection side of the house, but have failed to pay appropriate attention to the remediation aspect. Remediation is already a complex process, and security teams remain cautious when applying vendor patches for fear of causing outages or downtime to their systems. Even if a patch is available, they will often wait before applying it in order to minimize any potential risk.
Enter vuln_GPT. This new AI-powered remediation engine can automatically generate a remediation script to execute a number of actions. For example, scripts can remove a file, close a port, disable a protocol, or initiate a compensating control. These are all strategies that can provide a sturdy and reliable fix while vendors work on releasing a patch or while security teams test one in a lab environment.
Further, because vuln_GPT works without human intervention, it also makes vulnerability detection and remediation faster and more cost-effective, saving time and money without the need for large research teams or highly skilled security engineers.
Recently, there were critical zero-day vulnerabilities discovered in Terrestrial Trunked Radio (TETRA), a radio communications protocol widely used by government, law enforcement and military organizations worldwide. While some of the vulnerabilities can be fixed through firmware updates, others can’t and are more difficult to mitigate, in particular a backdoor in CVE-2022-24402 that can expose sensitive information. Using vuln_GPT, Vicarius takes the manual work out of identifying and applying the most effective compensating controls.
With vuln_GPT, Vicarius ushers in the era of AI-generated scripts to mitigate CVEs and helps to significantly close the gap between detection and remediation. MTTD (mean time to detect) remains a prominent issue for IT teams, but MTTR presents an even bigger challenge, since most teams are not well equipped to fix vulnerabilities quickly.
“We want to fight AI with AI,” said Michael Assraf, CEO of Vicarius. “It’s always been hard for defense teams to keep up with the constant evolution of threats. Even the most advanced patching vendors support only a fraction of the patchable applications, and not all vulnerabilities can be fixed with a patch. With vuln_GPT, we can help security teams with the end-to-end vulnerability management process to quickly identify, prioritize, fix and validate critical issues. We believe this is a game changer toward staying one step ahead of the attacker.”
vuln_GPT enables security teams to quickly fix critical issues, significantly decrease their time to react, cut down the costly aftermath of an incident, and reduce MTTD and MTTR. Vicarius believes the timing is right to help solve the skills gap, particularly when in-house research teams are short-staffed and under-resourced.
“All of the scripts generated by vuln_GPT will be available to the public free of charge in vsociety. Similar to our Nmap integration tool, we want to ensure our community benefits from cutting-edge technology as we continue to democratize knowledge across the industry,” Assraf added. “With vuln_GPT, you don’t need to have the best security engineers, which are already in short supply. We’re not only closing the remediation gap but the skills gap as well.”