July 13, 2024


The Legal System

Research critical vulnerabilities with the new CVE Insights Card – Feedly Blog

Research critical vulnerabilities with the new CVE Insights Card – Feedly Blog

Exploited and critical CVEs need to be prioritized as soon as possible to limit exposure.

But manually gathering the full picture needed to make smart prioritization decisions is tedious.

We are excited to announce the new Leo CVE Insights Card.

It’s a machine learning model that aggregates, analyzes, and synthesizes vulnerability information from across the web in real-time so that CTI teams can easily:

  • Get a 360-degree view of a CVE without having to open a multitude of tabs
  • Discover critical, exploited, and trending vulnerabilities early
  • Easily link vulnerabilities to threat actors, malware families, and TTPs
  • Predict the CVSS severity, CWE, and popularity of zero-days

Curious how it works? Here is a quick tour

Introducing the new Leo CVE Insights Card
Feedly’s AI Engine aggregates, analyzes, and synthesizes millions of articles

Leo aggregates CVE information from NVD, 25+ vendor advisories, Github, and 10 trusted exploit sources to offer you in one place all the information you need to prioritize an emerging vulnerability.

Leo also predicts the CVSS severity and CWE when it is not yet available on NVD.

You can use the cut and paste action to capture the information you need to create a ticket for your team to review this vulnerability.

Get a 360-degree view of a CVE to easily prioritize critical vulnerabilities

Leo identifies links between the CVE, threat actors, and malware families by analyzing news articles, threat intelligence reports, and social media posts.

Quickly research adversary activity and awareness level

This graph also captures how many sources and social media accounts are mentioning the CVE and compares it to the number of mentions of other CVEs of the same vendor, allowing you to detect trending vulnerabilities early.

Leo organizes all the information he aggregated and analyzed into 3 buckets: vendor advisories, references (trusted and highly curated cybersecurity sources), and social media chatter.

Skim through advisories, trusted reference articles, and social media chatter in one place

As soon as Leo discovers a mention of a vulnerability on news sites, research blogs, vendor advisories, or social media posts, he will create a CVE Insights Card. You can access the CVE Insights Card of any CVE using the https://feedly.com/i/cve/$cve-id URL format.

Some interesting CVEs to research

Here are some examples of CVE Insights Cards you can explore: CVE-2021-44228, CVE-2022-22965, CVE-2022-1388, and CVE-2022-26134.

Speed up your cyber threat intelligence

The CVE Insights Card is one of the machine learning models included in Feedly for Threat Intelligence. Start a free 30-day trial to see how Feedly can help you speed up your threat intelligence.