News

NSS Labs Offers Cyber Advanced Warning System for Free (CDSA)

By Chris Tribbey

Information security research and advisory company NSS Labs has announced a new, free version of its Cyber Advanced Warning System (CAWS), a security as a service (SaaS) offering that pinpoints active exploits, measures security efficacy, and continuously spotlights asset risks.

Dubbed CAWS Community, the free version offers insight into current and past exploits being used by adversaries worldwide, and does it using specific exploit information, instead of offering generic threat intelligence. NSS Labs’ Cyber Advanced Warning System was first launched in March of this year, but has been restricted to a smaller number of customers. NSS hopes its free offering will encourage more widespread adoption.The free version comes with a 30-day trial of its full CAWS application suite. After the month is up, users can choose to keep Community, or subscribe to a number of paid-for applications, NSS said.

“Providing free cyber risk information to all companies — small or large — was an important decision for NSS,” said NSS CEO Vikram Phatak. “No organization can protect against everything all the time. And, as recent attacks have shown, size or type of company has little to do with who should be concerned.

“Our continuous testing and active exploit intelligence can help any organization prioritize efforts against the threats that pose the most risk.”

The subscription applications that are offered outside of the free trial include including ThreatViewer, ShieldViewer and RiskViewer. ThreatViewer’s data allows subscribers to know with operating systems and applications are at risk given any single exploit, while ShieldViewer allows users to create profiles comprised of specific security defenses. RiskViewer delivers “what-if” modeling designed to enable security investment planners to assess questions like, “Had I chosen a different vendor solution, would I be better protected?” and “Should I update my applications more frequently?”

NSS estimates that just a few hundred commercial exploit kits enable 97% of all breaches, and that there are an estimated 400,000 new malware variants emerging every day.