Introduction

VulnCheck Exploit & Vulnerability Intelligence replaces the need to have separate scripts for downloading the NIST National Vulnerability Database (NVD), the CISA KEV catalog, etc. By integrating with VulnCheck Exploit & Vulnerability Intelligence, you're integrating with an Open Source Intelligence (OSINT) product that has best-in-class information, in a timely manner, on vulnerability exploitation and vulnerabilities generally.

Unlike alternative vulnerability intelligence approachs, the VulnCheck platform and VulnCheck Exploit & Vulnerability Intelligence product is built from a fully autonomous system in software.

Organization leverage VulnCheck Exploit & Vulnerability Intelligence to make better decisions on which vulnerabilities need immediate remediation.

Unlike other vulnerability databases, VulnCheck includes the latest information on a wider range of vulnerabilities, including:

• Vulnerabilities in Open Source packages / dependencies
• Vulnerabilities in ICS/OT, IoMT, IoT, mobile, etc., devices

Most importantly, unlike other purely vulnerability-centric solutions, VulnCheck marries exploit intelligence with vulnerability intelligence. By coupling exploit intelligence with vulnerability intelligence, better insights into vulnerability prioritization & remediation can be gained.

On the exploitation side, VulnCheck Exploit & Vulnerability Intelligence include a wide range of features designed to help understand the state of vulnerability exploitation. Such features include, but are not limited to:

• Monitoring of Git repositories for new exploit PoCs
• Caching of exploit PoCs
• Exploit Maturity classification
• Exploit Type classification
• Evidence of exploitation in-the-wild & exploitation timelines (when did the CVE start being exploited)