Threat Intelligence

The continuous process of detecting malware can be daunting without the right tools. By introducing Threat Intelligence, we ensure that the occurrence of cyber threats is listed, and you can prioritize the remediation actions. The widgets in Threat Intelligence provide the following:-

  • Update widgets using the tags: Click the tag icon to Tag icon. add Any or All tags. Adding the tags updates the information in the widget.
  • Date drop-down: Filter CVEs based on the date drop-down menu options - Today, Last 7 Days, Last 30 Days, Last 90 Days, or Specific Range.
  • Exclude CVEs with zero asset count: Enable Exclude CVEs with zero asset count, and the widgets will display the assets without an asset count of 0.
  • View Data Sources: Click View the Data Sources to get the list of sources that provide threat intelligence data. 

Look for a CVE: You can search the CVEs using the Look for a CVE option. Click the Look for a CVE option to redirect you to the CVE Details page. The CVE details list the Technical, Temporal, Trending, Remediation, and Associated QIDs attributes of the CVE. The following screenshot shows the CVE 2024-24919 results:

Threat Intelligence Widgets

Each Threat Intelligence widget categorizes data by geo-location, trending CVEs, weaponized exploits, exploits by malware, and threat actor groups. The following is the list of Threat Intelligence widgets, along with screenshots that highlight each widget:

Riskiest Asset Distribution by Geo-Location

The widget lists the asset distribution across the geo-location based on the TruRisk Score.

Top 20 Trending CVEs in the Wild

The widget presents trending vulnerabilities in the wild or on dark web forums, along with CVEs, QVS, and Asset Counts. Click on the value to access more details.

Latest 20 CVEs with Weaponized Exploits

The widget displays vulnerabilities with weaponized exploits. Click on the value to access details on CVEs, QVS, and Asset Counts.

Top 10 CVEs Exploited by Malware

The widget displays a bar graph listing vulnerabilities associated with specific malware or CVE exploits. The X-axis represents Asset Count, while the Y-axis represents malware or CVE.

Top 10 CVEs Exploited by Threat Actor Groups

The widget displays vulnerabilities exploited by Threat Actors in a bar graph. Click on any Threat Actor bar to see results in the Vulnerabilities tab based on pre-populated vulnerabilities.vulnerability.qid token.

Threat Feeds

The Threat Feeds widget displays continuous information about exploits, vulnerabilities, and adversaries. The following screenshot shows the Threat Feeds categorized as High, Medium/Low, and Favorites: