Research critical vulnerabilities with the new CVE Intelligence Card – Feedly Blog


Exploited and critical CVEs need to be prioritized as soon as possible to limit exposure.

But manually gathering the full picture needed to make smart prioritization decisions is tedious.

We are excited to announce the new Leo CVE Intelligence Card.

It’s a machine learning model that aggregates, analyzes, and synthesizes vulnerability information from across the web in real-time so that CTI teams can easily:

  • Get a 360-degree view of a CVE without having to open a multitude of tabs
  • Discover critical, exploited, and trending vulnerabilities early
  • Easily link vulnerabilities to threat actors, malware families, and TTPs
  • Predict the CVSS severity, CWE, and popularity of zero-days

Curious how it works? Here is a quick tour

Introducing the new Leo CVE Intelligence Card
Feedly’s AI Engine aggregates, analyzes, and synthesizes millions of articles

Leo aggregates CVE information from NVD, 25+ vendor advisories, Github, and 10 trusted exploit sources to offer you in one place all the information you need to prioritize an emerging vulnerability.

Leo also predicts the CVSS severity and CWE when it is not yet available on NVD.

You can use the cut and paste action to capture the information you need to create a ticket for your team to review this vulnerability.

Get a 360-degree view of a CVE to easily prioritize critical vulnerabilities

Leo identifies links between the CVE, threat actors, and malware families by analyzing news articles, threat intelligence reports, and social media posts.

Quickly research adversary activity and awareness level

This graph also captures how many sources and social media accounts are mentioning the CVE and compares it to the number of mentions of other CVEs of the same vendor, allowing you to detect trending vulnerabilities early.

Leo organizes all the information he aggregated and analyzed into 3 buckets: vendor advisories, references (trusted and highly curated cybersecurity sources), and social media chatter.

Skim through advisories, trusted reference articles, and social media chatter in one place

As soon as Leo discovers a mention of a vulnerability on news sites, research blogs, vendor advisories, or social media posts, he will create a CVE intelligence card. You can access the CVE intelligence card of any CVE using the$cve-id URL format.

Some interesting CVEs to research

Here are some examples of CVE intelligence cards you can explore: CVE-2021-44228, CVE-2022-22965, CVE-2022-1388, and CVE-2022-26134.

Speed up your cyber threat intelligence

The CVE intelligence card is one of the machine learning models included in Feedly for Threat Intelligence. Start a free 30-day trial to see how Feedly can help you speed up your threat intelligence.



Source link