Final release of PUZZLE Continuous Cyber Risk Assessment service

  • July 10, 2023
  • 3 min read

As highlighted previously, PUZZLE’s Continuous Cyber Risk Assessment (RA) service is of paramount importance for the efficient operation of SMEs & MEs since it provides near real-time monitoring and evaluation of the security and privacy risks.

The main purpose of the framework is to evaluate the assets, components, functions, offered services, and underlying infrastructure of any target SME/ME and estimate its overall level of security, in the form of risk, taking into consideration the previously identified vulnerabilities, threats, and attacks.

The main innovation of PUZZLE Risk Assessment Framework lays in the ability to consider the attack paths among the connected assets in order to calculate a more concrete risk assessment report.

The PUZZLE’s Assessment Framework considers the actual dependencies among the assets and how these dependencies could lead to potential attacks giving a vulnerable entry point.

Figure 1: High-level flow of actions of PUZZLE’s Risk Assessment

In the final release of the Risk Assessment framework provided in the context of PUZZLE, several updates took place regarding the aforementioned component since its first release, including Asset Modeling & Visualization, Risk Quantification, Administration as well as the new Attack Filtering features, along with the latest updates of the communication interfaces between RA and the different components/services of the PUZZLE Framework by REST and KAFKA APIs.

More specifically, new features both in the context of additional functional specifications (to better support the overall vision of a risk assessment process capable of being aligned with the latest CVSS methodology, as defined by ENISA) but also newly designed components for enabling the secure and privacy-preserving sharing of threat intelligence information through the PUZZLE Blockchain-based Marketplace, were implemented in the final RA release, including updates on the risk quantification methodology for delivering a new approach for the quantification of risk of the attack paths along with the forth and back compatibility with the new and old versions of the CVSS scoring system. Also, updated features of the Attack Path generation mechanisms were implemented providing a holistic assessment approach that considers the interdependencies among the connected assets of the target SME&ME environment. Last but not least, new developments that enable the straightforward definition of (Cilium-based) security policies are also considered.

Apart from the above-mentioned additional functionalities, the KAFKA-based communication infrastructure adopted in the context of the framework was also delivered, enabling the harmonic interactions between all internal components of the PUZZLE Runtime Risk Assessment Framework (i.e., Attack Filtering, PUZZLE’s Threat Intelligence Marketplace) with the other PUZZLE components through newly defined integration points (i.e., adoption of KAFKA-based technologies).

Author: UBITECH Greece
Featured Photo by StockSnap from Pixabay