Cyber security

Our researchers developed a tool to help organisations focus their resources on the most urgent threats to their cyber security.  

As organisations increasingly struggle to manage rapidly evolving attacks, Dr Mehdi Yousefi and Riccardo Lazzarini, of the School of Computing, Engineering and Built Environment, created the Vulnerability Prioritisation Tool to triage cyber risks and focus resources on the most critical. 

The rate at which software vulnerabilities are discovered is rapidly growing. The National Vulnerability Database includes hundreds of thousands of vulnerabilities, with 10% of the entries added in just the past year. Backed by Innovate UK’s Cyber Security Academic Startup Accelerator Programme, The Vulnerability Prioritisation Tool could help medium-sized organisations that don’t have the resources to invest in a dedicated cyber-security team. 

The tool harnesses artificial intelligence to scan an organisation’s network infrastructure and services to find vulnerabilities. It then monitors factors such as how easy each vulnerability is to exploit, how long that could take and the availability of code that can exploit the vulnerability. The tool then ranks the threats.

As security threats continue to evolve, the need to protect intellectual property, supply chains, brands, shareholder value and other digital assets has never been more critical. Advances in cyber security need to keep pace and organisations find themselves in a position where most off-the-shelf solutions are no longer sufficient. That is where we believe our tool could play a vital role.

Riccardo Lazzarini
School of Computing, Engineering and Built Environment