Intel 471’s Vulnerability Intelligence is made to both provide relevant and timely intelligence information on the adversary situation and to address the gap in current vulnerability offerings, which focuses mainly on things already being exploited in the wild based on known attacks and open source information. This leaves out the precursors to such activity that lend to a more proactive approach such as an increase in interest levels amongst threat actors, proof-of-concept (POC) code being developed, traded or sold, and ultimately the weaponization and productization of the code as it gets integrated into exploit kits, exploit packs or other tools. This activity often takes place prior to attacks being observed in the wild.
The Intel 471 Vulnerability Intelligence Splunk App provides a live dashboard that offers a view into Intel 471's vulnerability intelligence reporting and analysis. The app provides the ability to view the live summary dashboard, drill into individual vulnerability reports, filter on various data elements and view historical vulnerability intelligence. All intelligence includes sourcing and links to contextual information. The app requires the Intel 471 Vulnerability Intelligence Splunk Add-on and an active Intel 471 Titan API key in order to retrieve intelligence information and reporting.