7 places to find threat intel beyond vulnerability databases

[InfoSec News <alerts () infosecnews org>]

https://www.csoonline.com/article/3315619/security/7-places-to-find-threat-intel-beyond-vulnerability-databases.html

By Dan Swinhoe
CSO
Oct 26, 2018

The purpose of National Vulnerability Databases (NVDs) is to create a 
centralized list of security-related software flaws and enable a more 
automated approach to vulnerability management. The US, China, and Russia 
all run their own NVDs.

However, there are distinct flaws with all three, meaning there could be 
major gaps within an organization’s vulnerability management strategy. The 
US NVD is slow; the media gap between a vulnerability becoming public and 
appearing on the list is seven days. China’s NVD is quicker to upload 
public vulnerabilities, but has been accused of altering data to hide 
government influences. The Russian NVD, run by the country’s Federal 
Service for Technical and Export Control of Russia, misses many 
vulnerabilities and is slow with what it does publish.

Good threat intelligence is more than a list of vulnerabilities. Instead 
of relying on NVDs alone to power your vulnerability scanning, companies 
should look to other sources to supplement their threat intelligence 
operations. According to a study by Tenable, over a third of 
vulnerabilities have a working exploit available on the same day of 
disclosure, giving hackers days or more of unfettered opportunity to 
attack. By broadening the scope of your intelligence gathering, you can 
close the window of opportunity for cybercriminals and gain a richer set 
of data with which to defend yourself.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_