VulnCheck Canary Intelligence deploys actual vulnerable systems across the Internet, capturing real-world attacker behaviors and exploitation techniques in the wild. The data reveals which vulnerabilities are being targeted, how they’re being exploited, and by whom. Providing defenders with early and actionable intelligence.
VulnCheck Initial Access Intelligence develops vulnerable systems for customers to test exploitation and scanning against. As per our, coverage strategy, the systems are vulnerable to issues that are already being exploited in the wild, or likely to be exploited in the wild in the near future.
VulnCheck deploys intentionally vulnerable canary systems across the internet. To an attacker, the canary looks like a real vulnerable system because it is a real vulnerable system. The attacker scans and probes it to determine if it's a real system, and it is. So they attack.
VulnCheck developed Suricata and YARA rules, as part of the Initial Access Intelligence package, that automatically validate attacker exploitation, generate events for customer consumption, and trigger resets for compromised canaries.
VulnCheck Canaries data provides deep insight into vulnerability exploitation attempts, including the detection signatures used, the attackers involved, their locations, the targets location, and the specific methods and payloads used to exploit the vulnerable host.