Invicti has released a new AI-enabled Predictive Risk Scoring capability, designed to forecast and help organizations gain a view of its overall application security risk.

According to the company, Predictive Risk Scoring allows organizations to determine which web applications should be scanned first and proactively prioritize remediation efforts.

This new capability remaps the application security testing process to profile and calculate a risk score on all discovered web applications–before any scanning begins.

Working with more confidence

Risk management and prioritization are ongoing challenges in application security with the high volume of vulnerabilities that are discovered across web applications and APIs, Invicti reports.

While vulnerability severity helps order which vulnerabilities might require attention over others, there’s still a lack of information around exploitability and risk.

“Everyone working in cybersecurity needs to work faster, with more confidence that they are doing the right thing to protect their organizations,” said Neil Roseman, CEO, Invicti.

“This new advancement in AppSec testing helps make that a reality.

“CISOs can now look at their application attack surface using a risk-based approach, guaranteeing that their AppSec program is focusing efforts in the right areas.”

The company says, Predictive Risk Scoring addresses the gap in vulnerability severity information by applying an AI model on discovered assets and calculating risk score from a set of 220 parameters with a minimum 83% confidence level.

Among many advantages from this, no scanning resources are required and no customer data is required to assess the risk score.

Addressing issues with Invicti

“Protecting applications is crucial for companies of all sizes but it’s challenging with the complexity and noise in the application security market, amplified with the adoption of AI,” said Melinda Marks, Practice Director, Cybersecurity at ESG.

“Now more than ever, security teams need to prioritize their efforts to address to the riskiest issues, with speed and scale.

“Risk-based prioritization can help organizations best deploy their resources and optimize efficiency to secure their environments to support business growth.”