MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a curated knowledge base and model forcyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected. […]
As notified in our last December 2020 Newsletter, we have introduced a new great feature “Vulnerability Common Patch Format – VCPF”. Basically, instead of reporting links to bulletins, we have extended our engines to enumerate “vulnerable packages” and “vulnerable versions” affected by vulnerabilities. For its first release, we have implemented the support to “Ubuntu” dataset. Great […]
We delved into the tons of vulnerability intelligence data we accumulated over the years. I love to see patterns as I firmly believe that there will be always someone out there that will give these data a meaning.
Our Customer Whitepaper Highlight CloudDefense Making Shift Left Easier Cloud Defense AI was founded by the desire to solve a problem. Securing applications is hard enough already, and even more so when having to stitch together a stack of up to 8 tools. CloudDefense solution to secure your entire application – SCA, SAST, DAST, API, […]
I’m excited to announce new updates & enhancements regarding the vFeed Vulnerability Intelligence Service. 2 major new addition for this release are the support of 5000+ exploits (mainly from Github) and the alignment with ATT&CK v7.2. We will continue focusing on adding and enhancing the quality of data to bring our customers the best vulnerability intelligence feed.
This paper was based on the report from Ponemon Institute “Costs and Consequences of Gaps in Vulnerability Response”. vFeed, Inc outlined the most significant outcomes and mapped them with the data features provided by our vulnerability intelligence solution. And it was astonishing to see how our datasets are completely aligned with the conclusion and with […]
The CISA agency has released 12th May 2020 a nice article regarding 10 vulnerabilities that has been the most exploited from 2016 to 2019. Here is the original article. In the following post, we will show you how effective and straight-to-point vFeed indicators can be when it comes to tackle immediately with all facets of […]
There is no shortage of potential threats to your digital security. In fact, the number and diversity of attacks, vulnerabilities, and exploits are growing at an increasing pace. From operating systems to client programs to firmware for our network devices – nothing remains untouched for long. Luckily, the digital security field consists of an active […]
Almost for as long as computers have been around, there have been vulnerabilities and individuals willing to exploit them for their gain, and your detriment. These vulnerabilities aren’t decreasing, but actually increasing as the complexity and diversity of our technologies and software systems expand over time. In many cases, these vulnerabilities are picked up by […]
Security company ClearSky has released few days ago a very detailed report about Iranian hackers Group that have targeted large companies from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world in order to plant backdoors. In this post, we will show you how our vFeed indicators could have been […]