https://www.csoonline.com/article/3315619/security/7-places-to-find-threat-intel-beyond-vulnerability-databases.html
By Dan Swinhoe
CSO
Oct 26, 2018
The purpose of National Vulnerability Databases (NVDs) is to create a
centralized list of security-related software flaws and enable a more
automated approach to vulnerability management. The US, China, and Russia
all run their own NVDs.
However, there are distinct flaws with all three, meaning there could be
major gaps within an organization’s vulnerability management strategy. The
US NVD is slow; the media gap between a vulnerability becoming public and
appearing on the list is seven days. China’s NVD is quicker to upload
public vulnerabilities, but has been accused of altering data to hide
government influences. The Russian NVD, run by the country’s Federal
Service for Technical and Export Control of Russia, misses many
vulnerabilities and is slow with what it does publish.
Good threat intelligence is more than a list of vulnerabilities. Instead
of relying on NVDs alone to power your vulnerability scanning, companies
should look to other sources to supplement their threat intelligence
operations. According to a study by Tenable, over a third of
vulnerabilities have a working exploit available on the same day of
disclosure, giving hackers days or more of unfettered opportunity to
attack. By broadening the scope of your intelligence gathering, you can
close the window of opportunity for cybercriminals and gain a richer set
of data with which to defend yourself.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
