Meet vuln_GPT, Vicarius' AI for Detecting and Healing Software Weaknesses

By Greg Tavarez August 16, 2023

Identifying and addressing zero-day vulnerabilities presents an ongoing challenge, demanding a significant allocation of daily workforce resources. Look at the recent instance of vulnerability within MOVEit, where the initial vulnerability was pinpointed; however, nearly 60 days later, a quarter of the impacted entities continue to grapple with susceptibility. The emergence of novel AI-driven cyber threats, exemplified by entities like WormGPT, compounds the intricacy of recognizing and intercepting these malicious elements.

When it comes to vulnerability management solutions, traditional vendors predominantly emphasized the evaluative and detection facets yet have fallen short in adequately prioritizing the remedial dimension. The process of remediation is inherently intricate, and security teams approach the implementation of vendor-provided patches with circumspection, apprehensive about potential system disruptions or downtime. Even in cases where patches are available, a prevailing practice involves a cautious waiting period to mitigate any conceivable risks.

Vicarius, a player in the realm of vulnerability management solutions and a developer of an autonomous end-to-end vulnerability remediation platform, launched vuln_GPT, a LLM model trained to generate remediation scripts for software vulnerabilities in the race to find and fix vulnerabilities faster than hackers.

With vuln_GPT, Vicarius pioneers an era characterized by AI-crafted scripts designed to mitigate Common Vulnerabilities and Exposures, or CVEs, effectively bridging the gap between detection and remediation. While the Mean Time to Detect, or MTTD, remains a persistent concern for IT teams, an even greater hurdle emerges in the form of Mean Time to Remediate, or MTTR, as many teams lack the adeptness to swiftly address vulnerabilities.

Through vuln_GPT, security teams gain the capacity to expeditiously resolve critical issues, markedly abbreviating their response time, curbing the costly aftermath of incidents, and diminishing MTTD and MTTR. Vicarius discerns an opportune moment to address the skills gap, particularly pertinent when in-house research teams are confronted with staffing shortages and resource constraints.

For example, scripts can remove a file, close a port, disable a protocol, or initiate a compensating control. These are all strategies that can provide a sturdy and reliable fix while vendors work on releasing a patch or while security teams test one in a lab environment.

Because vuln_GPT works without human intervention, it also makes vulnerability detection and remediation faster and more cost effective, without the need for large research teams or highly skilled security engineers, saving time and money.

“We want to fight AI with AI,” said Michael Assraf, CEO of Vicarius. “With vuln_GPT, we can help security teams with the end-to-end vulnerability management process to quickly identify, prioritize, fix and validate critical issues. We believe this is a game changer toward staying one step ahead of the attacker.”

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Mitel Seals the Deal to Acquire Unify

Mitel expands its portfolio with Unify's voice platforms, collaboration and contact center products, devices, and associated intellectual property.

Read More

ITEXPO Sponsor AVANT is Improving Pathfinder 2.0 for Trusted Advisors

Trusted Advisors can win more business with AVANT by utilizing what's being called a "game-changing platform."

Read More

TMC's Rich Tehrani to Speak at Cloud Voice Alliance UCaaS Event

TMC CEO and Chief Editor Rich Tehrani will engage in a thought-provoking conversation with Bill Miller, the host of "The CEO Success Stories" webinar series for the CVA.

Read More

Ericsson Takes the Helm in Open RAN Transformation

Ericsson is at the forefront of advancing the three fundamental pillars of Open RAN as a sign of its commitment to the industrialization of Open RAN.

Read More

Vonage Selected by Flowcode to Elevate Direct-to-Consumer Communication

Vonage and Flowcode partnered to produce a new communications tool, Flowconnect, to help consumers instantly communicate with brands.

Read More