To better-protect your organisation, it is vital to have a clear understanding of the severity and risk new vulnerabilities may pose. Silobreaker recently launched the new Weekly Vulnerability Monitoring Alert, enabling readers to stay informed about significant developments surrounding critical vulnerabilities and ongoing exploitation by threat actors. Silobreaker’s vulnerability properties feature allows users to gain instant insights into exploit maturity and attack complexity of important vulnerabilities. These can be used for quick decision-making when prioritising what vulnerabilities to patch.
The alert is curated by the Silobreaker Analyst team, with selected vulnerabilities featured each week, split into separate categories.
Keep track of actively exploited vulnerabilities and zero-days
Heat widget displaying trending CVEs, affected software, exploit code maturity and attack complexity
Vulnerabilities actively exploited by threat actors in ongoing campaigns should arguably take the highest priority when it comes to patch prioritisation. The alert features dedicated sections focused on such flaws to give organisations a clear understanding of the current threat landscape. The data is taken directly from Silobreaker’s Heat widget, showing the top five trending vulnerabilities. The vulnerability properties help provide a quick overview of which products are affected, the exploit code maturity, as well as attack complexity.
The first section looks at vulnerabilities that have been added to the United States Cybersecurity and Infrastructure Security (CISA) Known Exploited Vulnerabilities Catalog. CISA recommends organisations to prioritise remediation of vulnerabilities in the Catalog to reduce possible compromise by known threat actors.
The second section focuses on any zero-days or more general vulnerabilities that are actively exploited. For more information, CISA alerts and articles from across open-source media are linked beneath each section to aid organisations understand the associated threats. A Time Series visualisation is also added to each alert to compare mentions of exploitation on the dark web to mentions in open-source reporting.
Better understand how important critical vulnerabilities really are
Top five high priority vulnerabilities picked by Silobreaker’s Analyst Team
Each week, Silobreaker’s Analyst team picks five vulnerabilities of greatest importance that could pose a significant risk to organisations if not fixed quickly. Though these might not necessarily be actively exploited at the time of publication, they could be in the future. This section slightly differs from the previous two, looking at the base and temp scores given to specific vulnerabilities by official vulnerability management platforms. These scores help organisations decide whether a vulnerability should be patched immediately, or if other vulnerabilities should take priority. Open-source reporting is attached to each of the vulnerabilities to provide context about why these flaws are important.
Stay up-to-date with Patch Tuesday releases
Once a month, the vulnerability monitoring alert also includes a section focused on so-called Patch Tuesday vulnerabilities. The information relates to vulnerabilities patched on the second Tuesday of the month by large vendors such as Microsoft, SAP, Adobe and more.
In other weeks, the alert features a section that covers a particular campaign involving the exploitation of vulnerabilities by threat actors or specific risks to a certain industry.
All information in the alert is taken directly from within the Silobreaker platform, with a focus on major campaigns affecting a wide range of different industries. Silobreaker customers can also benefit from a more customised vulnerability alert to fit their industry through the Silobreaker Vulnerability Intelligence solution.
To learn more about how Silobreaker can help your organisation in its vulnerability management efforts, please get in touch with us today. To receive a copy of the new Weekly Vulnerability Monitoring Alert direct to your in-box, sign up here.