Some lessons learned from the tabletop exercise of continuing our top-tier #vulnerability #intelligence post "CVE" at #Cytidel:
● We still have the capability to monitor different social media platforms and trusted expert sources for vulnerability info impacting products
● Collections of news, blogs and CSIRT updates are still fit to serve their purpose
● Following vendor feeds directly is a big win, as with sourcing info from a primary source
● We would still have a team of CTI experts staying on top of the latest threat intel updates through actively reviewing the latest threat reports and campaigns
● Monitoring of cyber activity in the wild would not have been impacted, but the search approach would need to change
● Flexibility and redundancy of sources ensure quite a reliable and robust solution
The biggest pain points
● So many big product or software vendors obfuscate their security advisories and don't provide feeds
● The risk of vendors just not bothering to report vulnerabilities any more is real
● Centralization is an obvious problem for things so widely used and important, the question being why it is still in the hands of a private company
@ciaranmak Should be moved to the EU. No guarantees of vulns being reported though.