A clear, present, and growing danger is software vulnerabilities. Full stop. This isn’t anything you don’t know. The most effective security teams are investing in both reactive security products and services, as well as proactive security products and services. The proactive ones include vulnerability scanning products, application development fuzzing services, and others. However, the industry trend today is largely to invest in reactive security products like email security gateways, firewalls, and end-point protection tools. This is fantastic, but, alas, sometimes these products can only serve as band-aids that keep out the dirt. They don’t cut down the potential of another or a deeper cut in the same or different software.
The Status Quo is Not Enough
Vulnerability compliance used to be enough. Stay up to date with your vendors software versions and you’re good to go. Meltdown and Spectre are vulnerabilities that have been around for a decade. Once discovered the vulnerability wasn’t disclosed for close to 90 days. Threat actors are sophisticated and monitor vulnerability patch notices just as closely, if not even more closely than security teams. They use fuzzing tools to unearth new vulnerabilities to quickly acquire or build exploit kits and malware to take advantage of them. They are faster and better resourced than the average security team.
Zero-day Vulnerability Intelligence and Detection Signatures Close the Patch Gap
Our vulnerability analysts collect zero-day, latent, and active vulnerability intelligence via our bug bounty program, mailing lists, vendor advisories, and deep web / dark net scanning. We are proud to provide intelligence and detection signatures (that can detect active exploitation in the wild), that help our clients to stay ahead of exploitable vulnerabilities and the threat actors that are targeting them specifically. Our intelligence includes countermeasures to proactively close security gaps and narrow the attack surface proactively.
Vulnerability Intelligence in Practice
Here at Accenture, our Managed Security Service team and IR team use iDefense vulnerability intelligence to give them an insight into what software or hardware-based products the client has on their network, and what zero-day or latent vulnerabilities the threat actor might exploit. This insight helps teams to remove malware, reverse changes, and remove/patch vulnerabilities more efficiently, thereby closing the attack surface proactively, and cutting down threat actor ability to penetrate the network and cause harm.
Protecting your network is a never-ending battle and vulnerability management is a key piece of the network defense puzzle. We hope you find this information helpful. If you need support on enhancing your use of iDefense threat intelligence or vulnerability intelligence efforts, we are always here to help.