Appendix A - Threat Intelligence
Software Vulnerability Research Threat Intelligence directs your attention towards the vulnerabilities affecting your watch lists.
In a world where there are more than 18,000 new vulnerabilities every year, being smart about prioritizing remediation efforts is essential. Leveraging our optional Threat Intelligence Module, another valuable layer of insight is provided to help you understand which of the vulnerabilities affecting your environment are actually being exploited in the wild.
Industry reports, including Gartner shows that between 6%-10% of the vulnerabilities disclosed each year actually are exploited in the wild. Turns out that most of these have medium CVSS scores, which are typically overlooked by organizations. With the insights provided by threat intelligence, it is possible better optimize the time spent remediating software vulnerabilities. Avoid spending time and resources in patching vulnerabilities that do not have evidence of exploitation, and favor those that do. Prioritization is crucial for effective risk mitigation and resource utilization.
Leveraging machine learning, artificial intelligence, and human curation from thousands of sources in the open, deep and dark web, our Threat Intelligence Module augments Software Vulnerability Research’s vulnerability intelligence with a Threat Score that provides the ultimate prioritization tool for your busy desktop operations teams.
This appendix explains how the Software Vulnerability Research Threat Intelligence module helps the enterprises to manage their resources and Patching Vulnerabilities more effectively, the following topics are discussed in this section:
| • | Evidence of Exploitation |
| • | Criteria for the Threat Score Calculation |
| • | Threat Score Calculation - Examples |
| • | Threat Intelligence Data for Operations and Security |
| • | Threat Intelligence for Research |
Note:Please note the following:
| • | Secunia Advisory Threat Scores and Vulnerability (CVE) Threat Scores are each calculated as described in the Criteria for the Threat Score Calculation section (an Advisory score is not determined by simply adding related CVE Threat Scores). |
| • | For pricing and availability, please contact your sales representative or contact us online at: https://www.flexera.com/about-us/contact-us.html |
| • | For more details about the Threat Intelligence Modules, see our datasheet: https://www.flexera.com/media/pdfs/datasheet-svm-threat-intelligence-module.pdf |