PKM Deep Advisor – A Predictive Harm-Oriented Framework for Vulnerability Prioritisation Beyond Severity Labels
DOI: https://doi.org/10.5281/zenodo.17506980
Abstract
Current vulnerability management practices typically rely on static severity labels that poorly correlate with realised exploitation and business harm. This work introduces a new epistemic shift in the modelling of cyber risk, placing predictive consequence rather than symbolic severity at the centre of prioritisation. Instead of ranking vulnerabilities as isolated items, PKM Deep Advisor structures the security landscape as a dynamic interplay of context, dependency, exploitability, and business criticality. The work focuses on the general paradigm, evidence of observed improvements in prioritisation correctness within regulated environments, and the governance benefits of reasoning directly on harm reduction rather than numeric severity.
The approach leverages structural reasoning, root-cause mapping, and contextual modelling to collapse artificially inflated vulnerability backlogs into tractable remediation sets. Early field results (not disclosed here due to contractual confidentiality) indicate that measured risk decreases are driven less by scanning volume and more by correctly identifying the small number of remediation decision points that actually suppress downstream systemic fragility. This is directly aligned with the intent of modern regulatory regimes (e.g., DORA, NIS2), which require demonstrable risk-based prioritisation but do not prescribe the static severity pipelines inherited from previous decades.
Full technical details, algorithms, mathematical formulations, data, and implementation specifics are intentionally withheld at this stage pending provisional patent filings. Interested reviewers, researchers or institutions may request access to the restricted full text under formal NDA for scientific or evaluation purposes.
Status: patent filings in preparation / pending
Access policy: full PDF restricted, metadata public
License: all rights reserved
Full text available only under NDA (on request)