Project: Boman.ai

From Sumeru Software solutions Pvt Ltd (Jan 2022 - Sep 2023) [cite: 223, 226]

Business Problem Statement

Clients faced challenges with high rates of false positive alarms in vulnerability scanning, an inefficient vulnerability prioritization process, and a lack of centralized monitoring for ML models and security predictions. [cite: 227, 228, 229]

Solution

• Achieved a 95% reduction in false positive alarms in vulnerability scanning, saving developers 5 hours of work. [cite: 227]
• Developed an Exploit Prediction System (EPS) model that predicts exploitation likelihood, achieving 42.5% efficiency in vulnerability prioritization. [cite: 228]
• Built a dashboard for monitoring ML models and EPS predictions, integrating various scanning tools. [cite: 229]
• Implemented Project Vulnerability Grades for data-driven security analysis and prioritization of vulnerabilities. [cite: 230]
• Predicted exploitation trends with 98.5% accuracy based on historical data. [cite: 231]
• Enhanced data integrity and protected critical applications using ML/AI technologies. [cite: 232]
• Enabled users to identify top vulnerabilities and receive recommendations for efficient remediation. [cite: 233]
• Developed a prioritization system based on CVE, exploitation potential, and CVSS scores. [cite: 234]

Tools & Frameworks Used

• ML/AI technologies [cite: 232]
• Statistical models [cite: 353]
• Dashboarding tools [cite: 229, 356]
• Python [cite: 338]
• Pandas, NumPy [cite: 358]
• Scikit-learn, TensorFlow, PyTorch, Keras (general AI/ML libraries) [cite: 351]