Recorded Future - Prioritize Vulnerabilities With Unprecedented Intelligence for Free

How do you describe vulnerability management in your organization? If terms like “rat race” or “hamster wheel” come to mind, you’re not alone. As Gartner analyst Anton Chuvakin wrote in a recent blog post, “However hard you run, 90% of vulnerabilities stay because as you fix the old ones, new ones appear. Rinse, repeat, forever.”

Last year alone, nearly 17,000 new vulnerabilities were published, and of those, nearly 10,000 (57%) were classified as having “high” or “critical” severity. It’s pretty much impossible to tackle them all manually — so, which vulnerabilities really need your attention?

There is good news, however: As organizations rapidly expand their digital footprints and new vulnerabilities grow exponentially, only 5.5% of all vulnerabilities are ever actually exploited in the wild. If only there was a way to instantly prioritize your patching efforts based on the most relevant vulnerabilities.

Now there is — and it’s free!

Recorded Future Express: Elite Security Intelligence for Free

Recorded Future Express is our new browser extension that delivers elite security intelligence at zero cost.

With access to real-time risk scores for any IP address, domain, hash, and CVE appearing on any webpage, you can instantly understand which vulnerabilities are actually risky, so you can patch those first.

The best part (besides being completely free) is that you can access all of this elite intelligence directly over your vulnerability management solution — no extra steps or workflow changes required!

How Express Makes Vulnerability Management Manageable

Recorded Future uses a powerful combination of machine and human analysis — fusing open source, dark web, technical sources, and original research — to gather our security intelligence. The Express browser extension puts everything we know about any vulnerability, domain, hash, or IP address directly at your fingertips.

All of this data is aggregated into categories called risk rules, which are color-coded by severity. Risk rules are then assigned an overall risk score from zero to 99, determined by which rules are currently triggered.

Each indicator type has a distinct set of risk rules that make up its risk score. The highest severity level associated with an indicator determines its base score:

  • Very Malicious: 90
  • Malicious: 65
  • Suspicious: 25
  • Unusual: 5

We score vulnerabilities based on actual exploitability, so vulnerability management teams have the context they need to identify and confidently prioritize risks, patch problematic vulnerabilities fast, and minimize expensive off-cycle patches. Additionally, our patented machine learning automatically detects reporting of new observables — from vulnerabilities and exploits, to threat actors targeting your specific organization and industry — so you can proactively monitor your tech stack for vulnerabilities and minimize risk.

Check out this quick e-book to learn more about how you can use Express to instantly prioritize vulnerabilities, enrich indicators, and jump-start investigations. Then, download Express today to start focusing efforts on the vulnerabilities that present real risk to your organization.

The post Prioritize Vulnerabilities With Unprecedented Intelligence for Free appeared first on Recorded Future.



from Recorded Future https://www.recordedfuture.com/free-vulnerability-prioritization/

Comments

Post a Comment

Popular posts from this blog

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Image
Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame
Read more

Krebs - NY Charges First American Financial for Massive Data Leak

Image
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties. First American Financial Corp. Santa Ana, Calif.-based  First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2 billion in 2019 . As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. The docum
Read more

SBS CyberSecurity - In The Wild 166

Image
  In The Wild - CyberSecurity Newsletter Welcome to the 166 th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. CyberRiskNOW Virtual Conference SBS Educational Resources This virtual conference is designed to provide interactive training on evo
Read more