An Unpatched Vulnerability, A Substantial Liability

Even the largest and most mature enterprises have trouble finding and patching vulnerabilities in a timely fashion. As we see in this article, challenges include getting patches pushed through a sophisticated supply chain and ultimately to a system whose end user may have devices configured to not allow automated remote patch application. We see this play out with every product that contains a line of code, from the simplest programs to large SaaS platforms with stringent performance, scalability, and availability requirements: patches need to be implemented at the earliest opportunity in order to avert catastrophe.

This plague of failing to patch vulnerabilities is infesting enterprises globally and is spreading like wildfire. It seems that nearly every day brings another breach, another company forced to spend millions reacting after the fact to a threat that may have been prevented. These attacks are often successful due to unpatched systems. Victim companies that could have been proactive and taken measures to prevent these attacks now find themselves in the spotlight with diminished reputation, the possibility of regulatory fines, and lost revenue.

We see this pattern far too often and want to help. Exodus Intelligence’s new EVE (Exodus Vulnerability Enrichment) platform delivers real-time updates on things that your security team needs to be worried about and helps you prioritize patches with our exclusive XI score that shows you which vulnerabilities are most likely to be exploited in the wild. EVE combines insight regarding known vulnerabilities from our world-class researchers with supervised machine learning analysis and carefully curated public data to make available the most actionable intelligence in the quickest possible manner.

EVE is a critical tool in the war against cyberattacks in the commercial sector, allowing companies to leverage the same Exodus data trusted by governments and agencies for more than a decade. Never let your business be put in the position of reacting to an attack. Get EVE from Exodus Intelligence and be proactive rather than reactive.

About Exodus Intelligence

We provide clients with actionable information, capabilities, and context for proven exploitable vulnerabilities. Our world-class team of vulnerability researchers discovers hundreds of exclusive Zero-Day vulnerabilities, providing our clients with this knowledge before the adversaries find them. Our research also extends into the world of N-Day research, where we select critical N-Day vulnerabilities and complete research to prove whether these vulnerabilities are truly exploitable in the wild.

For more information, visit www.exodusintel.com or contact info@exodusintel.com for further discussion.

The Death Star Needed Vulnerability Intelligence

Darth Vader and his evil colleagues aboard the Death Star could have seriously benefited from world-class vulnerability intelligence. Luckily for the Rebel Alliance, Vader was too focused on threat intelligence alone.

If you’ve ever seen the original Star Wars story, you might recall that the evil Empire was confident in their defensive intelligence as well as their seemingly impenetrable defensive systems. Their intel notified them of every X-Wing, pilot, and droid headed in their direction. They were flush with anti-aircraft turrets, TIE fighters, and lasers to attack those inbound threats.

The Death Star was a fortress—right?

This approach to security isn’t unlike the networks and systems of many companies who have a vast amount of threat intelligence reporting on all known exploits in exceptional detail. Sometimes, though, lost in the noise of all the threats reported, there is a small opening. If exploited, that small opening can lead to a chain reaction of destruction. The Rebel Alliance attacked the one vulnerability they found—with tremendous results to show for it. 

Unfortunately, there are bad actors out there who are also looking to attack your systems, who can and will find a way to penetrate your seemingly robust defenses. Herein lies the absolute necessity of vulnerability intelligence. 

Exodus provides world-class vulnerability intelligence entrusted by government agencies and Fortune 500 companies. We have a team of world-class researchers with hundreds of years of combined experience, ready to identify your organization’s vulnerabilities; even the smallest of openings matters. With every vulnerability we detect, we neutralize thousands of potential exploits.

Learn more about our intelligence offerings and consider starting a trial:

For more information, visit www.exodusintel.com or https://info.exodusintel.com/defense-offer-lp/ to see trial offers.

Everything Old Is New Again, Exodus Has A Solution

It is said that those who are ignorant of history are doomed to repeat it, and this article from CSO shows that assertion holds true in cybersecurity as well. Threat actors are continuing to exploit vulnerabilities that have been known publicly since 2017 and earlier. Compromised enterprises referenced in the article had five years or longer to patch or mitigate these vulnerabilities but failed to do so. Rarely does a month go by without another article showcasing how companies are continuously compromised by patched vulnerabilities. Why does this keep happening?

Things are hard and vulnerability management is no exception.  Many enterprises manage tens, or hundreds, of thousands of hosts, each of which may have any number of vulnerabilities at any given time.  As you may well imagine, monitoring such a vast and dynamic attack surface can be tremendously challenging.  The vulnerability state potentially changes on each host with every application installed, patch applied, and configuration modified.  Given the numbers of vulnerabilities cited in the CSO article previously mentioned, tens of thousands of vulnerabilities reported per year and increasing, how can anything short of a small army ever hope to plug these critical infrastructure holes?

If you accept that there is no reasonable way to patch or mitigate every single vulnerability, then you must pivot to prioritizing vulnerabilities and managing a reasonable volume off the top, thereby minimizing risk in the context of available resources. There are many ways to prioritize vulnerabilities, provided you have the necessary vulnerability intelligence to do so. Filter out all vulnerabilities on platforms that do not exist in your environment. Focus on those vulnerabilities that exist on public-facing hosts and then work inward. As you are considering these relevant vulnerabilities, sort them by the likelihood of each being exploited in the wild.
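The three steps above (drop platforms you do not run, start with public-facing hosts, then sort by exploitation likelihood) can be sketched as follows. This is an added example, not Exodus or EVE code; the record fields, the 0..1 `likelihood` score, the sample data and the simplified CPE 2.3 matching (first four fields only, no escaped colons) are all assumptions.

```python
from dataclasses import dataclass

def make_cpe(part, vendor, product, version):
    """Build a CPE 2.3 string for the constructed sample data below."""
    return f"cpe:2.3:{part}:{vendor}:{product}:{version}:*:*:*:*:*:*:*"

def cpe_fields(value):
    """Return (part, vendor, product, version). Simplification: escaped ':' is not handled."""
    parts = value.split(":")
    if len(parts) < 6 or parts[:2] != ["cpe", "2.3"]:
        raise ValueError(f"not a CPE 2.3 string: {value!r}")
    return tuple(parts[2:6])

def cpe_matches(vuln_cpe, host_cpe):
    """Fields must agree; '*' in the vulnerability CPE matches any host value."""
    return all(v in ("*", h) for v, h in zip(cpe_fields(vuln_cpe), cpe_fields(host_cpe)))

@dataclass(frozen=True)
class Host:
    name: str
    public_facing: bool
    cpes: tuple

@dataclass(frozen=True)
class Vuln:
    vuln_id: str
    cpe: str
    likelihood: float  # assumed 0..1 exploitation-likelihood score

def prioritize(vulns, hosts):
    """Keep only vulnerabilities matching an installed platform; public-facing first, likeliest first."""
    findings = [(v.vuln_id, h.name, h.public_facing, v.likelihood)
                for v in vulns for h in hosts
                if any(cpe_matches(v.cpe, c) for c in h.cpes)]
    return sorted(findings, key=lambda f: (not f[2], -f[3], f[0], f[1]))

# Constructed inventory and vulnerability records (all names and scores are made up).
HOSTS = (
    Host("web-01", True, (make_cpe("a", "examplevendor", "webserver", "2.4.1"),)),
    Host("db-01", False, (make_cpe("a", "examplevendor", "database", "9.0"),
                          make_cpe("a", "examplevendor", "webserver", "2.4.1"))),
)
VULNS = (
    Vuln("EXAMPLE-0001", make_cpe("a", "examplevendor", "webserver", "2.4.1"), 0.35),
    Vuln("EXAMPLE-0002", make_cpe("a", "examplevendor", "database", "*"), 0.90),
    Vuln("EXAMPLE-0003", make_cpe("o", "othervendor", "router_os", "1.0"), 0.99),      # platform absent
    Vuln("EXAMPLE-0004", make_cpe("a", "examplevendor", "webserver", "2.2.0"), 0.80),  # other version
)

if __name__ == "__main__":
    for row in prioritize(VULNS, HOSTS):
        print(row)
```

With this ordering the highest-scored record (EXAMPLE-0003) drops out because its platform is not deployed, and the public-facing finding is worked before a higher-scored internal one.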

Exodus Intelligence makes this type of vulnerability intelligence and much more available in our EVE (Exodus Vulnerability Enrichment) platform. Input CPEs that exist within your environment into the EVE platform and see visualizations of vulnerability data that apply specifically to you. We combine carefully curated public data with our own machine learning analysis and original research from some of the best security minds in the world and allow you to visualize and search it all. You can also configure custom queries with results that you care about, schedule them to run on a recurring basis, and receive a notification when a vulnerability is published that meets your criteria.


CISA Urges Caution, One Year On From Invasion of Ukraine

One year removed from Russia’s invasion of Ukraine, CISA has issued a warning to the United States and its European allies: increased cyber-attacks may be headed to your network.

As tensions abroad remain high, the cyber landscape will be an extension of the physical battleground. More than ever, understanding where and how your organization is vulnerable is an essential part of risk management.

At Exodus Intelligence, the leader in vulnerability intelligence, we seek to proactively understand your organization’s vulnerabilities, to assess the associated risk of those vulnerabilities, and to provide focused mitigation guidance based on our expert research.

Rather than fighting thousands of threats individually, Exodus focuses on neutralizing thousands of potential exploits all at once, by addressing the root cause of your system’s vulnerabilities.

Be sure to follow along with CISA alerts and advisories to remain vigilant on the developing threat landscape during this turbulent time. We have extensive coverage of the vulnerabilities in CISA’s Known Exploited Vulnerabilities catalog and provide mitigation guidance on those vulnerabilities to ensure your organization stays protected.

Learn more about our product offerings and solutions to see how we can protect your organization:

  • N-Day
  • Zero-Day
  • EVE

Exodus Intelligence Launches EVE Vulnerability Intelligence Platform Targeting Commercial Enterprises

Today Exodus Intelligence is excited to announce EVE (Exodus Vulnerability Enrichment), our world-class vulnerability intelligence platform. EVE allows a wide range of security operations professionals to leverage Exodus’ state-level vulnerability research. This allows those professionals to prioritize mitigation and remediation efforts, enrich event data and incidents, be alerted to new noteworthy vulnerabilities relevant to their systems, and take advantage of many other available use cases valuable in defending their critical infrastructure.

EVE makes our robust intelligence available for the first time to enterprises for use in the defense against growing cyberattacks. The API to the Exodus body of research enables us to provide simple, out-of-the-box integration with SIEMs, SOARs, ticketing systems and other infrastructure components that can employ contextual data. Additionally, it enables security operations teams to develop their own custom tooling and applications and integrate our vulnerability research.

Organizations with the ability to develop automation playbooks and other tools have been able to enrich available security data, enhance investigation and incident response capabilities, prioritize vulnerability remediation efforts, and more. We can now expand that capability and visibility to the rest of the security operations team with EVE. 

EVE provides users with an intuitive interface to Exodus’ intelligence corpus made up of original research, machine learning analysis, and carefully curated public data. This interface includes regular automated updates to intelligence data; integration with environment-specific platform and vulnerability data; interactive visualizations that operationalize the research data for SOC analysts and risk management personnel; multidimensional search capability, including filters which narrow results to only vulnerabilities that exist in the user’s environment and are likely to be exploited; and the ability to schedule searches to run on a recurring basis and email alerts to the user.

EVE capabilities include:

  • Dynamic, automated intelligence feed: Vulnerability research data is updated at minimum once per day with likelihood of a vulnerability to be exploited (XI Score), mitigation guidance, and other original research combined with curated public vulnerability data to maximize visibility of the attack surface.
  • Integration with the IT ecosystem: CPE data from vulnerability scans of the infrastructure can be input into EVE and applied as context to searches and visualizations keeping focus on relevant vulnerabilities.
  • Smart data visualization: The dashboard provides a wealth of information including a real-time likelihood that an existing vulnerability will be exploited in the environment, vulnerabilities grouped and sorted by categories such as attack vector or disclosure month, and which platforms in the environment have the most vulnerabilities. All visualizations are interactive allowing the user to drill into the vulnerability details making the data actionable.
