Sixgill: Prioritizing CVEs – A New Approach to an Old Problem


The purpose of CVEs (Common Vulnerabilities and Exposures) is to facilitate the sharing of data and to alert users to the actions required to mitigate potential threats in the cyber world. CVE identification and prioritisation have become a prominent part of every vulnerability management tool, and organisations rely on CVE feeds for their day-to-day cyber defence operations. Although these feeds are valuable to users, they suffer from several major flaws which unnecessarily expose users to cyber-attacks.

With such challenges, there is an urgent need for a complementary approach to handling CVEs. In this whitepaper, Sixgill outlines an end-to-end prioritisation and remediation solution with a suggested architecture. It also asks what a threat intelligence platform should consider when calculating exploit probability, and from which sources such a platform should collect information.

Sixgill provides a cyber threat intelligence solution that focuses on clients' needs, helping them to mitigate risk to their organisations more efficiently. As a result, Sixgill provides broad coverage of exclusive-access deep and dark web sources, as well as relevant surface web sources. It also utilises AI and ML to automate the production cycle of cyber intelligence, from monitoring through extraction to production.