Kronos

Kronos

Predictive Vulnerability Analytics and Orchestration Platform

KRONOS

Kronos is an advanced vulnerability analytics and orchestration platform which provides a risk-based approach to vulnerability prioritization and remediation. It is empowered with predictive and prescriptive analytics capabilities to predict threats and attacks based on vulnerabilities and exposure and prescribe remediation to mitigate/prevent the attacks before they actually happen.

Kronos also automates them in a way that the complete Predictive Vulnerability Analytics (PVA) lifecycle is run by a digital version of security analyst operating different tools and technologies in the PVA process.

Current vulnerability management process

The process most Organizations use today is Fragmented as each Pillar operates as a Silo.
This leads to inefficiencies, longer patching cycles and a ton of manual work.

  • No predictive threat intelligence
  • Manual work
  • Multiple systems
  • Multiple Admins
  • Inefficiency leads to longer patching cycles

Group 60
KRONOS Framework
Kronos establishes an effective and automated Predictive Vulnerability Analytics (PVA) process

Kronos establishes an effective and automated Predictive Vulnerability Analytics (PVA) process by shifting the focus from continuous vulnerability identification to continuous vulnerability prioritization and remediation. Kronos divides the Predictive Vulnerability Analytics lifecycle into five stages i.e. Identify (I), Assess (A), Analysis (A), Communication (C) and Remediate (R), i.e., IAACR. It not only establishes and automates the PVA process but also defines effective KPIs and service levels for process maturity. It measures these though interactive dashboards and metrics such as Mean-Time-To-Identify (MTTI), Mean-Time-To-Detect (MTTD), Mean-Time-To-Assess (MTTA), Mean-Time-To-Communicate (MTTC) and Mean-Time-To-Remediate (MTTR).

identify
Identify assets in the network from sources such as asset management, vulnerability scanner, patch management etc
assess
Assess the security postureof the organisation through vulnerability scans, configuration audits etc
analyse
Analyze vulnerability and misconfigurations with a mechanism of Risk based prioritization of remediation while predicting threats and attacks based an vulnerabilities
communicate
Communicate vulnerabilities to relevant stake holders for remediation
remediate
Fix the vulnerabilities as per remediation priority by orchestrating patch management and configuration management

What is IAACR?

bottom_left
With Kronos, Predictive Vulnerability Analytics is broken down into five key stages
01. Identify
Kronos prepares the customers’ infrastructure for Predictive Vulnerability Analytics by ingesting all relevant information about the organization and its infrastructure and classifying it as per the customers’ requirements and configuring with industry best practices.
02. Assess
Assess phase focuses on the current state of the customer’s infrastructure. It can be considered as a gap assessment or an as-is analysis of the ecosystem. Kronos validates the inputs captured by the customer and configurations done in the Identify stage and provides recommendations for better accuracy and continuous process improvement.
03. Analyze
Analyze is the most important phase in Kronos as this is the phase which would give the customer key value additions in their existing Predictive Vulnerability Analytics process. Kronos AI and ML models perform analytical operations on the asset and vulnerability information captured in the Identify and Assess phase.
04. Communicate
Communicate phase is the phase where Kronos communicates the analysis results computed in the previous phase to relevant stakeholders through reports, emails, change requests and tickets on the respective ticketing tool.
05. Remediate
Remediate phase of IAACR is the remediation phase where Kronos automatically patches the vulnerable systems either by pushing patches using Patch Management solution or running Kronos custom scripts (PowerShell, Shell, etc.) on target machines for completing configuration changes.

Kronos Advantage

Gain visibility into Attacks, corresponding Threats and Actors
Ability to contextualise Attacks, Attackers and Incidents from Vulnerability perspective
Single pane of Identification, Hunting and Remediation
Predictive Hunting using Attack simulation of attackers in the network
Automated Predictive Threat Intelligence
Automated Remediation Process
Mac-r

Integrations

Readily Integrates with your Existing Tools

As an orchestration platform, Kronos integrates with third party technology solutions in Asset Management, Vulnerability Management, Incident Management, Change Management, Patch Management and Configuration Management and automates the task on each of these solutions within the IAACR process. Further, these third-party solutions also act as a data source for Kronos Artificial Intelligence Engine (AIE) and Machine Learning (ML) Models which classifies, analyses, prioritizes, predicts, and remediates threat and risks for the customer.

summary

Your Autonomous Security Analyst

Kronos is a big data system that empowers it’s users with native Threat and Vulnerability Intelligence capabilities which is correlated with the data collected from the above-mentioned data sources to provide a real-time view of the customers’ threat landscape. Kronos AIE and ML models are programmed and optimized to provide a contextual risk scoring mechanism to the customers’ assets and vulnerabilities and help them take a risk-based approach to Predictive Vulnerability Analytics.

The idea behind Kronos is to provide a robust enterprise level security solution with a consumer grade UI having self-optimization capabilities with a time to value of less than a day. It is based on the principles of zero-touch and intelligent automation and provides a plug and play experience to customers. You can consider Kronos as a digital version of your security analyst who knows exactly what to do, when to do and how to do – 24x7x365 – at a fraction of the cost.

Group 99
Book a free demo and find out more about how Hive Pro can work for your business!
Improve your Cybersecurity with

ARTEMIS

Pentesting Collaboration
  • Data Driven Fusion Platform
  • Single console for Automated, External and Internal Penetration Testing
  • Security Maturity Model for Penetration Testing
  • On-Prem, Private Cloud, SaaS based
  • Vulnerability Disclosure program
  • Centralised Issue Tracking
  • Multiple Personas /workspaces and Customizable Dashboards
artemis_flip