New Feature
Contextualized CVE information for faster threat research, without the overwhelm
Cyber attacks are increasing in volume and sophistication across every industry and category, leaving threat analysts and frontline security teams faced with a flood of information. The consequences of missing critical information are astronomical, but no human can keep up with this onslaught of data on their own.
You need relevant, real-time, accurate information – and scrolling through an endless list of sources won’t get you there. That’s why we’re excited to announce that Leo, your AI research assistant, now aggregates information on vulnerabilities, exploits, malware families, and threat actors into a single view so that he can help you proactively track and research CVEs.
The Leo CVE Dashboard gives you at-a-glance visibility into relevant trending vulnerabilities, and you can use Leo to focus any of your feeds for faster insight into risks impacting your business’s software, hardware, and application stack.
Information overload is real. This is why we enhanced Leo’s cybersecurity knowledge graph so he can help you proactively track and research critical vulnerabilities and zero-day exploits relevant to you.
With Leo, you can prioritize the CVEs that impact your organization’s technology stack and reduce the time it takes to investigate threats by up to 70%. All of this information is available at a glance via the Leo CVE Dashboard and throughout your Feeds.
Try Feedly for Cybersecurity
Before using Feedly for Cybersecurity, my biggest challenge was to quickly sort through all the data to find the top CVEs by mention, and track their relationships with exploits, patches, etc. It would take a lot of work to search through unstructured text and large bulk files. With Leo, it’s so much easier to quickly review details of a CVE and its associated relationships.” Michael Rossi, Independent Security Consultant, Cybeta
The Leo CVE Dashboard: a complete CVE overview in a glimpse
If you want to dive deeper into a CVE, exploit, or threat, Leo synthesizes vulnerability, patch, exploit/PoC, malware, and threat actor information into a single CVE Dashboard. Leo eliminates the time you used to spend opening a new browser tab, searching, browsing for the resource you want, and skimming everything individually to find what mattered.
Instead of having dozens of research tabs open in your browser, The Leo CVE Dashboard consolidates the information into a single location where you have at-a-glance views of:
CVSS score and vector string CWEAffected systems, including vendor advisoriesExploit informationPatchesAssociated malware familiesAssociated threat actorsAwareness graphNumber of Web and Social Media mentions, including Twitter and Reddit
For new vulnerabilities that don’t have a CVSS assigned yet, Leo uses a proprietary NLP model based on the CVSS v3 methodology to forecast this score. This way, you can spot new threats and take proactive steps in real-time.
Color-coding helps you make quick decisions about the next steps in your investigation. The darker the color on the Awareness graph, the more people are talking about the CVE across the web.
Get complete CVE overviews in a glimpse.
Leo provides links to all the external resources you need to investigate the CVE, so you can more rapidly respond to threats and improve important cybersecurity metrics like mean time to detection (MTTD), mean time to investigate (MTTI), and mean time to remediate (MTTR).
Dig deeper, faster, to determine if a specific vulnerability represents a critical risk for your organization based on its technology stack to decide whether to flag the intel and share it with the rest of your team.
For example, you can click on “Affected System” or “Patched” to go directly to those sources like the National Institute of Standards and Technology (NIST) National Vulnerability Database or websites with patches for remediation purposes.
Click elements on the dashboard for more context and source material.
“Before using Feedly for Cybersecurity, it was hard to prioritize which vulnerabilities were more important at a glance and determine if they applied to our networks. Now that we use Leo, we have been saving so much time, it’s much appreciated!“– Feedly for Cybersecurity Customer
Leo can surface relevant critical vulnerabilities across your Feeds
In addition to his interactive CVE Dashboard, Leo also prioritizes the most recent and talked about CVEs, right on your Today page. Simply click on a CVE name to see the dashboard complete with the information necessary for critical decision-making.
Leo knows cybersecurity because we taught him about CVE, CVSS, exploits, patches, threat actors, and other security intelligence concepts. Leo summarizes the information from various resources including NVD, vendor advisories, blogs, Twitter, and Reddit so you don’t have to check each location, sifting through posts unrelated to the CVE you care about.
The Trending in Cybersecurity dashboard showcases the top 5 trending vulnerabilities.
You can add new Leo Priorities on top of your current feed to add contextual business risk. For example, if your technology stack includes Oracle, Adobe, and Google Chrome, but not Samba, you can refine Leo’s priorities so you only see what’s relevant to your organization.
Train Leo to prioritize vulnerabilities based on CVSS score to increase the relevance of your feed. Leo can flag risks related to your organization’s unique technology stack so you can out pace attackers.
You can start by training Leo to surface CVE’s based on Qualitative Severity Rating Scale — choose our preset for “high” or specify the CVSS scores to build your organization’s context into what you see.
Training Leo by using “HIGH” in combination with either products or vulnerability types personalizes your feed based on your organization’s unique needs. This lets you focus on the risks specific to your organization, weeding out the information you don’t need.
Surface the critical (CVSS > 8 or CVSS > 5 and exploit) vulnerabilities related to Oracle, Adobe, and Chrome.
All of these features, plus several more, are available as a part of Feedly for Cybersecurity. This package of Leo skills, enterprise features, and advanced knowledge graph access is perfect for cybersecurity teams that need to reduce noise and quickly identify risks. To learn more about any of these features, or start a free 30-day trial, click the link below.
Try Feedly for CybersecuritySave time researching CVEs so you can spend more time securing them.Start 30 Day Trial
Source: Internet Gov forum