Analyzing the vulnerabilities and giving ranking to each vulnerability (ranking ranges between 1 to 37), higher the rank the chances of getting the vulnerability exploited is more.

More commonly vendors keep a track of vulnerabilities ranking between 10 and 37.

What is vulnerability ranking?

A vulnerability with a ranking of 10.00 is 10times more likely to be exploited than a vulnerability with a ranking of 1.0

Data input: Web Scraping

1. 90% of Vulnerabilities are hard to get relative data for predicting the Cyrating, other way we could say lot of data. Implementing machine learning models to improve our models prediction(improve the Cyrating).
2. The dataset for training and testing is different. We cannot club training and testing dataset because the underlying information is highly volatile over the period.
3. The input feature set is 6k+ columns, we use various EDA and feature engineering techniques to get the best feature set for model building and training.
4. The dataset is highly imbalanced and noisy, we use customized weights to minimize the impact of imbalanced data

Drawback: Dependency on Historical data, Its hard to analyse the rating for new Vulnerabilities because of lack of data and the training and testing set data ranges are different and we cannot club them.

1. Minimized the external data dependency by implementing various machine learning models and predicting the rating
2. Improved the performance of existing models.
3. Identified the other possible source of input data to minimize the noise.
4. Automated the monitoring process of changes in vulnerability identification mechanism.