San Francisco, June 15, 2023 – Coalition, the world’s pioneer Active Insurance provider aimed at averting digital risk, recently introduced the Coalition Exploit Scoring System (Coalition ESS), an innovative vulnerability scoring system designed to help risk managers mitigate potential cyber threats. Coalition ESS, developed by Coalition Security Labs, the company’s center for research and innovation, is a dynamic security risk prioritization scoring system that incorporates real-time monitoring and dynamic scoring to assist businesses, regardless of their size, in efficiently identifying and addressing vulnerabilities.
The head of security research at Coalition, Tiago Henriques, emphasized the importance of timing in the field of cybersecurity. He stated that with the constant publication of thousands of new vulnerabilities every month, it becomes nearly impossible for security and IT teams to promptly comprehend and tackle each one. Coalition ESS was created to provide a more efficient solution to this issue by enabling defenders to sift through the noise and prioritize which vulnerabilities to remediate before an incident occurs.
Leveraging artificial intelligence and large language modeling, Coalition ESS analyzes the descriptions within newly-released CVEs (Common Vulnerabilities and Exposures) and compares them to previously published vulnerabilities to predict the likelihood of exploitability. The system generates two probability scores: the Exploit Availability Probability, which measures the likelihood of publicly available exploit code, and the Exploit Usage Probability, which gauges the likelihood of threat actors employing an exploit to carry out an attack. These scores combined provide security managers and IT professionals with a prioritized list, outlining the vulnerabilities that pose the greatest threat and saving valuable time and resources in the decision-making process.
Crucially, Coalition ESS scores are dynamic and respond to changes in available exploit information, setting it apart from scores derived from the existing Common Vulnerability Scoring System (CVSS). Additionally, Coalition ESS scores are available within a week from the initial vulnerability announcement, unlike other systems that could take anywhere from one week up to one month to score a vulnerability.
Henriques emphasized that Coalition developed ESS to prioritize their own vulnerability management efforts, as they play a crucial role in safeguarding hundreds of thousands of customer assets at scale. Coalition utilizes ESS to assess and inform their policyholders about vulnerabilities that have the highest potential to negatively impact them. Today, Coalition has made ESS publicly available, enabling the broader community to benefit from this advanced scoring system.
Interested individuals can access Coalition ESS for public use at ess.coalitioninc.com. To gain further insights into Coalition’s cybersecurity research and innovation center, Security Labs, visit www.coalitioninc.com/security-labs.