At Geekcon 2024 in Singapore on May 25th of 2024, a dozen of top-tiersecurity experts, researchers, business executives, and government officers jointly and officially released the AVSS(Adversarial Vulnerability Scoring System) White Paper 1.0.

AVSS is a scoring guideline for evaluating the security level of information systems, loTs, or their subcomponents, based on real-world adversarial activities. It was first proposed, maintained, and managedby the independent security research organization DARKNAVY.

On behalf of the GeekCon organising committee, I would like to extend a very warm welcome to each and everyone of you, to Singapore, and to GeekCon 2024.

Over the last five decades, I have been a fervent advocate for nurturing and attracting talent, both locally and internationally, to drive Singapore’s growth and innovation. I am proud to say that these efforts have yielded significant, measurable outcomes, thanks in no small part to the unwavering support of the government as well as the industry. Today, as we gather here at GeekCon, we are continuing this legacy by fostering collaboration and innovation, and grooming talent, in the field of cybersecurity.

As you all know, cybersecurity is not just a field of study or a profession. It is a critical interdisciplinary pillar of our modern digital society. Every day, we witness the growing sophistication and frequency of cyber attacks. These incidents cause financial losses that run into hundreds of millions of dollars globally on a daily basis. Beyond the financial impact, the repetitional damage inflicted on businesses, governments, and high-profile individuals is often irreparable.

Another alarming trend that has emerged is that of digital scams. These scams, which range from phishing attacks to complex fraud schemes, exploit the trust and naivety of individuals and organisations, beyond technological vulnerabilities. The financial and emotional toll of these scams can be devastating, affecting countless victims worldwide. The cybersecurity profession has a responsibility to develop robust strategies and response to combat these threats and protect our communities.

The effects of cyber threats and digital scams have been increasingly devastating. The sheer scale and complexity of the challenges we face demand innovative and proactive solutions. This is where events such as GeekCon play a important role. GeekCon is not just a platform for showcasing talent. It is a crucible for the generation and sharing of ideas and strategies that will shape the future of cybersecurity.

In particular, at this GeekCon, Daniel Wang Qi, the founder and CEO of DarkNavy will be sharing his idea of an approach for assessing systems security. He calls it the Adversarial Vulnerability Scoring System, or AVSS in short. This scoring system is designed to assess the strength of cybersecurity defences using a quantifiable methodology from an offensive perspective. It is an approach that focuses on understanding and anticipating the tactics of attackers to better fortify our defences.

AVSS offers a structured way to evaluate vulnerabilities and devise strategies to mitigate them. Daniel and his research team have prepared a white paper on AVSS, which will also be released at this GeekCon, not just to raise awareness, but also to solicit comments for improvement so that the entire cybersecurity community benefits.

As we move forward, it is essential to remember that cybersecurity is a dynamic and ever-evolving field. The threats we face today are not the same as those we will encounter tomorrow. Continuous learning, adaptation, and collaboration, are therefore crucial. Events like GeekCon play a vital role in fostering these qualities, providing a platform for experts to share their insights with practitioners, and for new ideas to emerge.

Philip Yeo

Ex Special advisor in Prime Minister Office;

Ex Executive Chairman of Agency for Science, Technology and Research;

Ex Executive Chairman of Economic Development Board;

Chairman of GEEKCON Committee

It"s great to be here at this amazing event, surrounded by so many brilliant minds in the cybersecurity world. Today, I"m excited to tell you about something we"ve been working on at DarkNavy and GeekCon – our Adversarial Vulnerability Scoring System, or AVSS for short.

Cybersecurity is all about the ongoing battle between attackers and defenders, with vulnerabilities being the key battleground. We all know that vulnerabilities will always exist.

With this in mind, what"s the real value of our security efforts?

Security isn"t black and white. It"s not just secure or insecure. The main goal of our security defenses is to make it as tough as possible for attackers, raising their costs and efforts.

For years, at DarkNavy and GeekCon, we"ve been diving deep into the minds of malicious and sophisticated attackers, helping many enterprises identify vulnerabilities. The reality is stark: breaching a well-protected system might require top-notch security teams working for hundreds of days, while less fortified systems could be compromised in just days by regular attackers.

As consumers, we naturally prefer products or systems that are harder for attackers to crack. So, for enterprises that prioritize security investments, this isn’t just a cost – it"s a competitive advantage.

We believe that security should be seen as a crucial market differentiator. This shift in perspective will push cybersecurity to the top of the priority list across various sectors, ensuring better protection for users.

That"s why we"ve developed the Adversarial Vulnerability Scoring System – AVSS. It"s an innovative, open framework for security assessment from the attacker"s perspective. AVSS strengthens defenses and supports data-driven decision-making.

By quantifying security strengths, it helps businesses make informed choices, maximize their security investments, and stay ahead of emerging threats.

Today, we are releasing the first edition of the AVSS white paper. This achievement would not have been possible without the efforts of Chairman Philip, our commitee team, research team, customers and the white hat community. Right now, behind the stage, AVSS participants are testing the security defenses of smart phones and car systems through offensive and defensive confrontations.

Our vision is to build a robust cybersecurity evaluation platform through collaborative efforts within the security ecosystem.

Thank you all for being here and for your commitment to advancing cybersecurity. Let"s work together to make our digital world safer and more secure.

Daniel Wang Qi

Founder of DARKNAVY and GEEKCON

As a pioneer and promoter of adversarial evaluation and security quantification, DARKNAVY will periodically release AVSS technical reports in the future.

To download AVSS Whitepaper 1.0:https://www.avss.sg/doc/AVSSWhitePaperReleasedv10.pdf

声明:本文来自DARKNAVY,版权归作者所有。文章内容仅代表作者独立观点,不代表安全内参立场,转载目的在于传递更多信息。如有侵权,请联系 anquanneican@163.com。