Article by Harrando Rachid Originally posted on Linkedin One of many capabilities of vFeed Inc. magic is the connection between vulnerabilities (CVE) and Mitre ATT&CK Framework. Here why it is useful for organisation that are worried about cyber threats: The Common Vulnerabilities and Exposures (CVE) system, managed by the National Cybersecurity FFRDC (NCF) and sponsored […]
Oct. 2022 Update : Support to Exploit Prediction Scoring System (EPSS) & Know Exploited Vulnerabilities (KEV)
Here is a fresh new update to our vFeed Vulnerability Intelligence. For this release, we went risk-oriented and thus by adding 2 new features that went viral. Indeed, vFeed now enriches its IoVs (Indicators of Vulnerability) with data from EPSS (Exploit Prediction Scoring System) maintained by FIRST and the Know Exploited Vulnerabilities (KEV) Catalog maintained by CISA. First of all, […]
Hello Fellow Customers & Friends. We’re back with some great news ! We continue to evolve the Vulnerability Common Patch Format feature. This time, we have enlarging the scope of “vulnerable packages” to “IBM FLRT” dataset. We have also augmented the bulletin indicators with the support to Mozilla Security Advisories. Few other mappers has been […]
The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in charge of the patch management ﬁnd themselves drowning in a myriad of critical and urgent tasks.
Hello Fellow Customers & Friends We’re back with some great news. First, we continue to expand the support to the Vulnerability Common Patch Format feature introduced earlier this year. Indeed, we have enlarging the scope of “vulnerable packages” to “Apache” dataset. The roadmap of vulnerability indicators has also grown with several new mappings requested by […]
MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a curated knowledge base and model forcyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected. […]
As notified in our last December 2020 Newsletter, we have introduced a new great feature “Vulnerability Common Patch Format – VCPF”. Basically, instead of reporting links to bulletins, we have extended our engines to enumerate “vulnerable packages” and “vulnerable versions” affected by vulnerabilities. For its first release, we have implemented the support to “Ubuntu” dataset. Great […]
We delved into the tons of vulnerability intelligence data we accumulated over the years. I love to see patterns as I firmly believe that there will be always someone out there that will give these data a meaning.
Our Customer Whitepaper Highlight CloudDefense Making Shift Left Easier Cloud Defense AI was founded by the desire to solve a problem. Securing applications is hard enough already, and even more so when having to stitch together a stack of up to 8 tools. CloudDefense solution to secure your entire application – SCA, SAST, DAST, API, […]
I’m excited to announce new updates & enhancements regarding the vFeed Vulnerability Intelligence Service. 2 major new addition for this release are the support of 5000+ exploits (mainly from Github) and the alignment with ATT&CK v7.2. We will continue focusing on adding and enhancing the quality of data to bring our customers the best vulnerability intelligence feed.