Virtualization Technology News and Information
VulnCheck Launches Catalog of Known Exploited Vulnerabilities Fused with Exploit Intelligence
VulnCheck announced the launch of the VulnCheck Known Exploited Vulnerabilities (KEV) catalog. The free offering, available by joining the VulnCheck Community, provides security teams and threat detection engineers with advanced intelligence on vulnerabilities that have been exploited in the wild to better manage threats, solve the prioritization challenge and outpace adversaries.

With the rapid growth and exploitation of vulnerabilities, speed and breadth of data remain the most valuable assets to vulnerability management first responders. Currently, VulnCheck tracks 876 more (or 81.04%) vulnerabilities exploited in the wild than CISA, and alerts customers before missing exploits are added to the CISA KEV catalog an average of 27 days earlier. VulnCheck's KEV catalog equips cybersecurity vendors and vulnerability management teams with faster, broader coverage in an efficient machine-readable dataset needed for detection, prioritization, and remediation.

"The CISA KEV catalog continues to be an invaluable tool and a driving force in our industry, but there is an opportunity for broader visibility and often earlier indicators into known exploitation," said Anthony Bettini, founder and CEO of VulnCheck. "This is why we decided to offer a community resource that provides broader known exploited vulnerability intelligence and reference materials, all delivered at machine speed."

Key features of VulnCheck's KEV catalog include:

  • Comprehensive CVE Tracking: VulnCheck provides security teams with the largest real-time collection of known exploited vulnerabilities. The offering encompasses all vulnerabilities listed in the CISA KEV catalog, plus approximately 80% more reported as exploited in the wild.
  • Exploit Intelligence: VulnCheck's catalog adds the much-needed context to CVEs. The catalog includes supplementary external links to exploit content available in VulnCheck XDB, referencing publicly-available exploit proof of concept code where possible. This intelligence arms engineers with the information needed to build better detections and get them in the hands of defenders faster.
  • Exploitation References: VulnCheck provides citations for each and every CVE, so security teams have a clearer picture of why the vulnerability is on the list. When threat actors, ransomware groups, or botnets are involved in the vulnerability exploitation, VulnCheck cites evidence.

"The cybersecurity community is taking notice of the scale and impact VulnCheck is having on the vulnerability landscape. Our exploit research continues to be a driving force and influence in the industry, and we frequently see CISA adding CVEs to the CISA KEV that VulnCheck was tracking weeks earlier," said Clint Merrill, Vice President of Product at VulnCheck.

This news follows the launch of other impactful Community offerings from VulnCheck, including the maintenance of NVD 1.0 and unveiling of VulnCheck XDB, the largest repository of exploits and proof-of-concepts hosted on git repositories.

Published Tuesday, February 27, 2024 9:33 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2024>