Introduction
The VulnCheck Exploit & Vulnerability Intelligence product helps organizations enrich their existing vulnerability reporting and solve the vulnerability prioritization challenge.
VulnCheck Exploit & Vulnerability Intelligence replaces the need to have separate scripts for downloading the NIST National Vulnerability Database (NVD), the CISA KEV catalog, etc. By integrating with VulnCheck Exploit & Vulnerability Intelligence, you're integrating with an Open Source Intelligence (OSINT) product that has best-in-class information, in a timely manner, on vulnerability exploitation and vulnerabilities generally.
Unlike alternative vulnerability intelligence approachs, the VulnCheck platform and VulnCheck Exploit & Vulnerability Intelligence product is built from a fully autonomous system in software.
Organization leverage VulnCheck Exploit & Vulnerability Intelligence to make better decisions on which vulnerabilities need immediate remediation.
Unlike other vulnerability databases, VulnCheck includes the latest information on a wider range of vulnerabilities, including:
- Vulnerabilities in Open Source packages / dependencies
- Vulnerabilities in ICS/OT, IoMT, IoT, mobile, etc., devices
Most importantly, unlike other purely vulnerability-centric solutions, VulnCheck marries exploit intelligence with vulnerability intelligence. By coupling exploit intelligence with vulnerability intelligence, better insights into vulnerability prioritization & remediation can be gained.
On the exploitation side, VulnCheck Exploit & Vulnerability Intelligence include a wide range of features designed to help understand the state of vulnerability exploitation. Such features include, but are not limited to:
- Monitoring of Git repositories for new exploit PoCs
- Caching of exploit PoCs
- Exploit Maturity classification
- Exploit Type classification
- Evidence of exploitation in-the-wild & exploitation timelines (when did the CVE start being exploited)
