The Threat Risk Assessor: A Novel Proactive Approach to Cyber Threats Management

Over the past years, the growing digitalisation and interconnection of information systems has led to significant innovations. However, the direct consequence of this situation has been a significant increase in attack surfaces and related exploitable vulnerabilities. This has led to a significant growth of attacks, characterised by an increasing level of sophistication, guided also by multi-vector strategies. In front of these new threats, classic approaches based on static and post-event intervention, have begun to show significant limitations. This scenario has led to the creation of the Threat Risk Assessor (TRA), a technology that aims to transform risk management through the introduction of predictive and proactive methodologies. The key characteristics of the TRA include: continuous and adaptive monitoring of system behaviour, collection and correlation of Indicators of Compromise (IoC), contextual assessment of risk situations, structured generation and management of alerts and associated reports. Another innovative feature is the Attacker Portal, which allows the execution of controlled simulations of complete attack chains. This makes it possible to assess the resilience of infrastructures and proactively identify vulnerabilities before they can be exploited by malicious actors. The final solution proposed is a modular system that is independent of the application context and capable of adapting to different operating environments without compromising effectiveness. In summary, the TRA represents a step towards a dynamic and proactive approach to cybersecurity, capable of adapting to evolving threats. Furthermore, the experimental validation conducted has highlighted its potential contribution to strengthening the robustness of operational infrastructures, promoting the development of increasingly secure and resilient systems.