May 13, 2021

Prediction in Threat Intelligence

One way Artificial Intelligence (AI) can be used in cybersecurity is prediction in threat intelligence, using big data.

Take CVE-2021-29097, for example. No PoC/exploit has been found, no malware and no successful exploitation have been reported, and the CVSS(2) base score is below 7. Basically, there isn't much info at NVD (as of today).

Will you patch the vulnerability? Or wait till the threat landscape changes? How about AI prediction? Can we "predict" the threat?

With Kenna.VI, we can "predict" the threat even though we do not have enough information from NVD. See below: this is an example I found recently that is predicted to be exploitable in the future.


 [*] Searching cve-[['2021-29097']] vulnerability definitions within Kenna.VI+....


[ CVE Description ]
 [*] CVE_ID : CVE-2021-29097
 [_] Desc   : Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.

 [_] C:2021-03-23 / P:2021-03-25 / L:2021-03-31
 [*] Vuln Risk           : 41.4226
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : 🌟 True/79.6353% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [0]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 6.8 / 7.8 ]

 [_] Vuln Products  : [4]

[ CVE Malware Family Info : None ]

[ High_Profile_Vulnerability ]
 [!!!]   CVE-2021-29097 (41.4226) : []


 ** [5] threads completed [2 tasks] / [1.91 KB] within [2.71 sec].
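
The patch-or-wait question above, worked through on this report as an added example (not part of the original post and not Kenna's code): it parses the fields printed above and compares a decision based only on observed evidence and CVSS2 with one that also uses the prediction. The function names and the `min_confidence` cutoff of 70% are assumptions; the CVSS cutoff of 7 follows the "below 7" remark in the text.

```python
import re

# Report lines copied from the output shown above (subset of fields).
REPORT = """\
 [*] CVE_ID : CVE-2021-29097
 [*] Vuln Risk           : 41.4226
 [*] Exploited [trend]   : 0 [holding]  [RCE]
 [_] Exploit/likehood    : 🌟 True/79.6353% confidence
 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] CVSS2 / CVSS3  : [ 6.8 / 7.8 ]
"""

# Field name -> pattern for its value; labels are spelled as the tool prints them.
FIELDS = {
    "cve": r"CVE_ID\s*:\s*(CVE-\d{4}-\d+)",
    "exploited": r"Exploited \[trend\]\s*:\s*(\d+)",
    "predicted": r"Exploit/likehood\s*:\s*\W*(True|False)/",
    "confidence": r"Exploit/likehood\s*:.*?/([\d.]+)% confidence",
    "malware": r"Malware sample\s*:\s*(\d+)",
    "pocs": r"Exploits/POC\s*:\s*\[(\d+)\]",
    "cvss2": r"CVSS2 / CVSS3\s*:\s*\[\s*([\d.]+)\s*/",
}

def parse_report(text):
    """Extract the fields above; raise if the report layout is not as expected."""
    out = {}
    for name, pattern in FIELDS.items():
        m = re.search(pattern, text)
        if m is None:
            raise ValueError(f"field not found: {name}")
        out[name] = m.group(1)
    for name in ("exploited", "malware", "pocs"):
        out[name] = int(out[name])
    out["confidence"] = float(out["confidence"])
    out["cvss2"] = float(out["cvss2"])
    out["predicted"] = out["predicted"] == "True"
    return out

def triage(r, cvss_cutoff=7.0, min_confidence=70.0):
    """Return (evidence_only, with_prediction) decisions. min_confidence is assumed."""
    observed = r["exploited"] > 0 or r["malware"] > 0 or r["pocs"] > 0
    evidence_only = "patch now" if observed or r["cvss2"] >= cvss_cutoff else "defer"
    likely = r["predicted"] and r["confidence"] >= min_confidence
    with_prediction = "patch now" if evidence_only == "patch now" or likely else "defer"
    return evidence_only, with_prediction

if __name__ == "__main__":
    print(triage(parse_report(REPORT)))
```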

 

Links:

  • https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster/
  • https://nvd.nist.gov/vuln/detail/CVE-2021-29097