, /PRNewswire/ -- , an organization composed of members of the medical device manufacturer community dedicated to improving medical device security through education, awareness, and advocacy, today announced a Large Language Model (LLM)-approach to analyze medical device vulnerabilities. Microsoft OpenAI Azure Service is being used as mitigation for the recent disruptions in the National Institute of Standards' (NIST) National Vulnerability Database (NVD) updates, which have raised significant concerns in the cybersecurity community. A recent report from found that NIST has analyzed less than 1 out of 10 vulnerabilities published in the NVD since mid-February of this year.
According to the report, since , 12,720 new vulnerabilities were added to NVD. However, over 11,000 of these vulnerabilities have not been analyzed, making it challenging for security professionals to determine vulnerabilities within their software. In response, MedISAO is leveraging advanced AI to maintain the flow and quality of vulnerability data to ensure that organizations can still access crucial vulnerability data.
By using an LLM agent, MedISAO's system processes vulnerability information from NVD, MITRE, and other external sources, constructing CPE product and version match data to ensure continuous vulnerability enrichment, crucial for maintaining robust cybersecurity practices. This AI-driven approach is supported by Medcrypt's Software Bill of Materials (SBOM) and vulnerability management tool, .
