7 places to find threat intel beyond vulnerability databases | Tech Industry
The purpose of National Vulnerability Databases (NVDs) is to create a centralized list of security-related software flaws and enable a more automated approach to vulnerability management. The US, China, and Russia all run their own NVDs.
However, there are distinct flaws with all three, meaning there could be major gaps within an organization’s vulnerability management strategy. The US NVD is slow; the media gap between a vulnerability becoming public and appearing on the list is seven days. China’s NVD is quicker to upload public vulnerabilities, but has been accused of altering data to hide government influences. The Russian NVD, run by the country’s Federal Service for Technical and Export Control of Russia, misses many vulnerabilities and is slow with what it does publish.
Good threat intelligence is more than a list of vulnerabilities. Instead of relying on NVDs alone to power your vulnerability scanning, companies should look to other sources to supplement their threat intelligence operations. According to a study by Tenable, over a third of vulnerabilities have a working exploit available on the same day of disclosure, giving hackers days or more of unfettered opportunity to attack. By broadening the scope of your intelligence gathering, you can close the window of opportunity for cybercriminals and gain a richer set of data with which to defend yourself.