ML and Vulnerability Verification at WhiteHat Security

WhiteHat Security is rightfully known for our very accurate results. We deliver only fully verified and actionable vulnerabilities to our clients. However, many of our customers may not fully understand how much work goes into that at WhiteHat’s scale.

We have thousands of automatically scanned websites under our service, and every day, our scanner discovers hundreds upon hundreds of new potential vulnerabilities. In order to protect our clients from a constant barrage of false positives, each and every one of these potential vulnerabilities needs to be carefully assessed and verified by our application security engineers at our Threat Research Center (TRC).

This work is highly optimized and streamlined, allowing WhiteHat to deliver fully verified and accurate results at massive scale. But we are always looking into how we can make the system better, more scalable, speedier and ever more accurate so we can decrease time to value for our clients and strive to deliver the results faster, without sacrificing reliability.

This is why, about a year and a half ago, we started to experiment with machine learning (ML) for automated vulnerability verification. In recent years, the scientific community has made substantial breakthroughs using ML for image classification, automated translation, speech recognition, and similar tasks.

At the core of the recent revolution in ML lie two things: copious amounts of data, and the improved computing capacity that allows machines to make sense of that data.

The algorithms (neural networks) are actually able to learn from the data, programming themselves to become complicated and effective pattern recognizers. Now, we are not talking about AI on a human level–that’s probably decades away. However, there are many tasks where even current, limited algorithms can be very useful.

WhiteHat is positioned extremely well to capitalize on these recent developments. Over the years, we have accumulated petabytes of data representing millions of potential vulnerabilities, along with hundreds of millions of human decisions. ML allows us to make sense of the data, train a set of expert networks on this data, and then use these networks to supplement our human element. We have developed a set of ML techniques specifically designed for our use cases that allow us to keep accuracy extremely close to human level for a subset of vulnerability classes.

ML allows us to make our business more scalable and effective, reducing time to value for our clients, while maintaining the same ‘almost zero false positive rate’ in our results.

Our clients can now expect some types of vulnerabilities to be delivered to them in real time, allowing them to start remediation procedures as early as possible.

In conclusion, we’d like to make it clear that our commitment to our manual vulnerability verification and zero false positive rate remains firm, as this is something that has always defined WhiteHat and always will. ML is here to supplement our security researchers–to empower them, to free them from somewhat menial tasks and to allow them to concentrate on harder, more complicated vulnerabilities and delivering more value to our clients.