Recorded Future, the world’s largest provider of intelligence for enterprise security, today announced additional functionality for its Vulnerability Intelligence solution to arm defenders with the prioritized and real-time intelligence needed for effective vulnerability management programs. To stay one step ahead of adversaries, Recorded Future offers visibility into vulnerabilities disclosed from major technology vendors, increased detection of vulnerabilities exploited in the wild, and Risk Score history to track weaponization over time. Recorded Future empowers security teams with contextualized vulnerability intelligence through its powerful Intelligence Graph to deliver real-time insights into emerging vulnerability risk, including evidence of exploitation, proof-of-concept code, and links to malware.
The number of critical vulnerabilities has exploded in recent years, with over 18,000 new vulnerabilities published in 2020 alone. Of those, 57 percent were classified as “high” or “critical” severity. Security teams struggle to match the speed of vulnerability disclosures and don’t have the time or resources to know where to start prioritizing. Recorded Future’s Vulnerability Intelligence instantly identifies newly disclosed vulnerabilities, providing risk-prioritized, real-time visibility into vulnerabilities relevant to an organization.
“We know we can’t patch everything. Recorded Future helps us quickly assess and prioritize things such as phishing emails and critical vulnerabilities, which helps us focus our efforts and speed up response times to high-priority threats. Now, if our CISO forwards us an email about a brand new vulnerability, we can do a rapid analysis, find out if it’s going to impact us, and communicate our findings to the security team quickly.” – Chris Zieg, Senior Security Engineer, Land O’Lakes
Recorded Future’s Vulnerability Intelligence solution arms security teams with prioritized intel including:
- Real-time vulnerability risk scoring – Scoring dynamically changes based on recent evidence of external risk factors including exploitation in the wild, proof of concept code, and links to malware. Recorded Future’s extensive technical data sources ensure the most comprehensive risk coverage in the market.
- Industry-leading Pre-NVD visibility – Recorded Future identifies newly disclosed vulnerabilities 11 days faster than the National Vulnerability Database (NVD), on average. This is enabled by automated collection from over one million unique sources, including instant insight into vulnerabilities from major vendors including Microsoft, Cisco, and Adobe.
- Transparent risk evidence and history – Direct access to risk evidence allows for high-confidence patching decisions for business executives and asset owners. Visibility into Risk Score history enables tracking a vulnerability’s weaponization path over time, from vendor disclosure, to proof-of-concept code, to widespread exploitation.
“As it stands, the practice of vulnerability management is unsustainable, with defenders overwhelmed by the sheer number of vulnerabilities being disclosed. Basing patch prioritization efforts on CVSS is not enough to ensure adequate coverage for your business. Organizations need contextual data on the likelihood that a vulnerability will ever be used in an attack against their organization. Effective vulnerability management is achievable when intelligence is layered in to offer real-time, risk-prioritized vulnerability visibility.” – Jamie Zajac, Vice President of Product, Recorded Future
For more such updates follow us on Google News ITsecuritywire News.