RiskIQ unveiled Illuminate Vulnerability Intelligence
August 2021 by Marc Jacob
Staying ahead of early-stage vulnerabilities is now mission-critical for security teams. Still, today’s organisations struggle to maintain visibility into their external network of internet-connected products, devices, services, and apps that are swelling outside their firewalls to support an evolving workforce. With over 18,000 vulnerabilities published in 2020 and several of the most impactful breaches in history hammering organisations across the world in 2021, prioritising this deluge of vulnerabilities has become an overwhelming challenge.
RiskIQ’s Illuminate Vulnerability Intelligence is a native feature within the Illuminate Platform, adding exceptional value by directly integrating next-generation CVE insights and mitigation strategies at no extra cost or license to Illuminate customers. This infusion of RiskIQ intelligence goes beyond CVSS scores, adding knowledge of an organisation’s unique attack surface to provide accurate prioritisation for assets most likely to be targeted.
RiskIQ Illuminate Vulnerability Intelligence key capabilities include:
• Prioritised CVEs based on the RiskIQ algorithm encompassing recent exploits, Deep and Dark Web chatter, and linkage to malware
• Mitigation steps or resources to remediate your vulnerabilities
• Mapping of CVEs to your attack surface to identify impacted assets
• Identification of CVE alignment to your third party vendors
• Vulnerability Articles with comprehensive information for over 200,000 CVEs
RiskIQ Illuminate Vulnerability Intelligence leverages RiskIQ’s Internet Intelligence Graph, which assembles, labels, and stores real-world observations and pre-computes the deep digital relationships that make up an organisation’s attack surface. This custom analysis and global attack surface intelligence fusion have already elevated 500 of the 211,000 CVEs in the Illuminate Platform’s index from ’Medium’ to ’High’ priority.
Security intelligence enhanced with in-depth knowledge of the global attack surface is also critical to understanding the vulnerability posture of your organisation’s digital supply chain and third parties.
Many organisations that have been breached have identified the cause as their supply chain. RiskIQ Illuminate Vulnerability Intelligence automatically monitors frameworks, page contents, third-party components, and code to identify relevant vulnerabilities, including those for third-party attack surfaces, such as partners, suppliers, distributors, and peers. This all-encompassing view identifies and prioritises CVEs in real-time—even those lying deep in the technology stack or across the digital supply chain, the culprits in SolarWinds, and many other infamous breaches.
RiskIQ Illuminate Vulnerability Intelligence unites security and risk teams across multiple disciplines with ease and simplicity, showing vulnerabilities and where they lie across an organisation. Each group—threat analysts, vulnerability specialists, compliance officers, and more—can instantly identify vulnerabilities related to any product, vendor, device, service, or app on-demand.
Built-in, risk-based prioritisation informs how likely each vulnerability is to be exploited, resulting in accelerated remediation, dramatically reduced downtime, and less wasted effort. With mature organisations spending dozens of hours each week gathering intelligence to correlate with vulnerability severity to identify active risks and map them to their attack surface, this context and automation save precious time and money identifying and remediating threats. Security professionals can contact RiskIQ to learn more and schedule a demo of RiskIQ’s Illuminate Internet Intelligence Platform with Next-Gen Vulnerability Intelligence.