The WhatsAtRisk platform integrates a wide range of cyber intelligence into a cohesive knowledgebase
Informing, Coordinating, and Accelerating Cyber Defense decisions at all levels of the organization

Protinuum's WhatsAtRisk™ is a Comprehensive Cyber Risk Intelligence Platform
that informs and accelerates decisions for Security Operations

The WhatsAtRisk™ Platform

The WhatsAtRisk Platform fuses a broad range of intelligence data and information into operational knowledgebases or "intelligencebases", utilizing directed graph technology.

All aspects of the business/mission, mission-critical dependencies on IT infrastructure, and monitored threat behavior can be captured in these intelligencebases; entered and maintained either manually (i.e., by analysts and operators) or automatically through machine-to-machine interfaces with any existing authoritative data sources.

Dependencies are characterized by the direction and criticality of the dependence; which are both used in the risk scoring and propagation through the intelligencebase.

WhatsAtRisk integrates the 7 Vectors of Cyber Risk Intelligence

Assets & Configuration Management Intelligence (ACMINT)

Vulnerability & Patch Management Intelligence (VULNINT)

Phenomena Intelligence – Observables, Events, Incidents, Cases, etc. (PHENINT)

Threat Intelligence – both Internal and External (THREATINT)

Consequence Intelligence – Business Impact, dependencies, CKT, etc. (CONSINT)

Option Intelligence – Effectiveness, Cost, Mission Impact, etc. (OPTINT)

Temporal Intelligence – Understanding the When of a Situation or Response (CHRONINT)

Risk Scoring & Propagation

“Risk Scoring” enables the Qualitative assessment of Risk, based on Quantitative risk scores on a range of resources.

With the WhatsAtRisk Platform, security monitoring, health and status events, and other vulnerability and threat intelligence is captured (either automatically from existing technologies, or manually by analysts and operators), stimulating knowledge graphs; propagating scores upward to reflect risk throughout the business.

In a knowledge graph, a node’s “Risk” score includes both the direct status of that resource, and any indirect risk inherited based upon its dependencies on other resources. Propagation algorithms are implemented as mathematical overlays on the directed knowledge graphs.

This system incorporates elements of the Cyber Command System (CyCS) Prototype that was developed by The MITRE Corporation.