Inspiration

On Friday we not only experienced an incident as non-cyber security experts, but also realised how complex this job is, as dealing with new CVEs (Common Vulnerabilities and Exposures) and related incidents often requires extensive research. Cyber security experts have to gather all the information about available patches, affected systems and potential risks on different platforms. Our goal was to optimize this process and provide companies with a platform that both saves time and improves risk assessment.


What it does

RiskRank is a web-based platform that centralizes and clearly displays all relevant information about an incident in relation to the company. We enable fast risk evaluation even with minimal information available.

Main features

  • Information bundling: All important data - from available patches to affected systems to CVSS scores - is collected in one place to minimize time-consuming research. The data is gathered from the National Vulnerability Database via an API.
  • Dynamic risk assessment: CVSS rankings are static and do not take into account the specific circumstances of an organization. Our platform combines a PageRank-inspired graph algorithm with the expertise of cybersecurity professionals to enable situation-dependent reassessment, e.g. based on the number of affected systems or the relevance for business operations.
  • Automated prioritization: High-risk incidents can be escalated and routed to the appropriate teams at the touch of a button, drastically reducing response time.
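
A sketch of the dynamic risk assessment idea, added here as an illustration and not RiskRank's own code: a personalized PageRank seeded with the CVSS scores of directly affected systems, then weighted by business criticality. The asset graph, the criticality weights, the damping factor and all function names are assumptions made for this example.

```python
# Added example: personalized PageRank over a constructed asset graph.
# Graph, weights and damping factor are illustrative assumptions.

def propagate_risk(depends_on_me, seed, damping=0.85, iters=200, tol=1e-12):
    """Spread risk from directly affected systems to the systems that
    depend on them. depends_on_me[u] lists the systems relying on u."""
    nodes = set(depends_on_me) | set(seed)
    for dependents in depends_on_me.values():
        nodes.update(dependents)
    total = sum(seed.values())
    if total <= 0:                      # nothing affected: nothing to rank
        return {n: 0.0 for n in nodes}
    start = {n: seed.get(n, 0.0) / total for n in nodes}
    rank = dict(start)
    for _ in range(iters):
        # Risk sitting on systems nobody depends on is fed back to the seeds.
        dangling = sum(rank[n] for n in nodes if not depends_on_me.get(n))
        nxt = {n: (1 - damping + damping * dangling) * start[n] for n in nodes}
        for u, dependents in depends_on_me.items():
            for v in dependents:
                nxt[v] += damping * rank[u] / len(dependents)
        delta = sum(abs(nxt[n] - rank[n]) for n in nodes)
        rank = nxt
        if delta < tol:
            break
    return rank

def rank_incident(depends_on_me, affected_cvss, criticality):
    """Contextual score = propagated risk x business criticality."""
    seed = {s: cvss / 10.0 for s, cvss in affected_cvss.items()}
    rank = propagate_risk(depends_on_me, seed)
    scored = {n: rank[n] * criticality.get(n, 1.0) for n in rank}
    return sorted(scored.items(), key=lambda kv: kv[1], reverse=True)

# Constructed sample data (not from RiskRank).
DEPENDS_ON_ME = {
    "ldap": ["webshop", "erp"], "build-server": ["webshop"],
    "erp": ["reporting"], "webshop": [], "reporting": [], "test-vm": [],
}
AFFECTED_CVSS = {"ldap": 7.5, "test-vm": 9.8}   # CVSS base scores
CRITICALITY = {"webshop": 3.0, "erp": 3.0, "ldap": 2.0, "test-vm": 0.2}

if __name__ == "__main__":
    for system, score in rank_incident(DEPENDS_ON_ME, AFFECTED_CVSS, CRITICALITY):
        print(f"{system:13s} {score:.3f}")
```

In this sample the isolated test VM carries the higher CVSS score but ends up below the directory server and everything that depends on it, which is the kind of situation-dependent reordering a static CVSS ranking cannot express.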

How we built it

RiskRank consists of a clearly structured web architecture with frontend and backend. In addition, we use Neo4j, a graph database that is ideal for modelling complex relationships thanks to its Cypher query language.

Frontend:

The frontend was developed using JavaScript in combination with Vue.js. The focus was on a user-friendly interface that is intuitive and easy to understand, especially for cybersecurity experts.

Backend:

The backend is based on Python in combination with Flask. The special feature here is the dynamic processing and querying of data from the graph database using Cypher queries. These queries have been specially developed to provide business- and application-relevant data efficiently and make it available with a single click.


Challenges we ran into

  • Handling large data sets: Modelling and processing a large number of nodes and relationships was a challenge.
  • A new domain: Determining which entities of the data are relevant for cybersecurity and understanding the specific needs of a cybersecurity analyst was quite a challenge for us.
  • New technologies: Cypher was completely new to us, which required some training.

Accomplishments that we're proud of

  • We have successfully developed a platform that significantly reduces the research effort for cybersecurity experts.
  • We were excited to merge our knowledge with the insights of cybersecurity experts to create a more comprehensive solution.
  • Our solution is a real help for companies that want to optimize their risk assessment and incident management processes.

What we learned

  • Cyber security is a multifaceted profession that requires not only technical know-how but also intensive research.
  • Graph databases such as Neo4j are ideal for mapping complex relationships in data sets and making them usable.
  • Digital twins and how they can be exploited to enable data-driven decision making.

What's next for RiskRank

  • Advanced functions: Implementation of machine learning algorithms to predict future risks based on historical data.
  • Integration: Connection to existing systems such as SIEM (Security Information and Event Management) or ticketing tools.
  • User feedback: Development of further optimizations and new functions based on user feedback.
