Vulnerability Intelligence (Explore)

As the influx of vulnerabilities continues to overwhelm risk managers, there is a pressing need for focused analysis and distribution of risk mitigation actions. Tenable Vulnerability Intelligence analyzes more than 50 trillion data points and provides a quick understanding of vulnerabilities and the impacted assets. The intelligence information comes from several sources such as the research related to Vulnerability Priority Rating (VPR), Common Vulnerability Scoring System (CVSSv3), and Exploit Prediction Scoring System (EPSS) scores. This dashboard provides the ability to quickly distill the intelligence data, enables organizations to make informed decisions and respond to threats swiftly.

Vulnerability Intelligence curated categories that blend known risk indicators with insights from the Tenable Research Team to surface the most crucial vulnerabilities. The categories are:

• Emerging Threats - Vulnerabilities being actively monitored by Tenable in three areas: Vulnerabilities Being Monitored, Vulnerabilities of Interest, and Vulnerabilities of Concern.
• CISA Known Exploited - Vulnerabilities that appear in the CISA Known Exploited Vulnerabilities Catalog. 
• In the News - Vulnerabilities being widely reported in the press with notable coverage over the past 30 days.
• Recently Actively Exploited - Vulnerabilities with notable coverage in the press over the past 30 days, and for which Tenable has evidence of active exploitation.
• Ransomware - Vulnerabilities used in current or historical ransomware attacks, as determined from evidence gathered by the Tenable Research team.
• Persistently Exploited - Vulnerabilities being leveraged by threat actors over an extended period of time in targeted attacks, ransomware, or malware campaigns. 
• Top 50 VPR - The top 50 vulnerabilities by Vulnerability Priority Rating (VPR).
   

This dashboard also leverages Exploit Prediction Scoring System (EPSS). FIRST.org defines EPSS as a data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild. EPSS Score is a number representing the percentage of likelihood that a vulnerability will be exploited. The number ranges from 1 to 100 with up to three decimal places, for example, 50.5. Many widgets on the dashboard combine the EPSS, VPR and Vulnerability Intelligence categories into a single query allowing for risk managers to gain context into the surfaced vulnerabilities. 

The dashboard provides a holistic approach leveraging vulnerability intelligence, EPSS, VPR, and other more traditional attributes such as publication date, and last observation. The combined view empowers the organization to discover threats, by streamlining analysis without a manual process. As the new threats emerge the risk managers are better able to create plans based on reliable analysis and communicate clearly to leadership allowing for risk mitigation planning to become more effective. 

Tenable provides several solutions for organizations to better understand vulnerability management. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Vulnerability Management (formerly Tenable.io) discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirements for this dashboard are: Tenable Vulnerability Management.

Widgets

• Vulnerability Intelligence Risk Factor Comparative Analysis - This widget leverages the vulnerability intelligence and compares the most common risk factor properties, EPSS, VPR, and CVSSv3.
• Outstanding Vulnerability Published VPR > 7 - This widget provides a summary count of finding with an assigned vulnerability intelligence category and a VPR score of 7 or higher and the patch publication date. 
• EPSS Affect on SLA and Vulnerability Age - This widget helps organizations leverage EPSS and Vulnerability Intelligence along with the Service Level Agreements (SLAs) by providing a vulnerability view that is organized by Vulnerability Priority Rating (VPR) Score and Vulnerability Age.
• Most Critical Assets at risk to Ransomware - This widget provides a list of the most critical assets (using AEX >750) with finding related to ransomware with a VPR > 5.
• Unmitigated (>30D) Vulnerabilities (VPR>7) Known to be Exploited - This widget leverages the Known to be Exploited category and provides a list of the top 200 vulnerabilities detected more than 30 days ago and a VPR score of 7 or higher, which are still present in the network. 
• Threats Identified using Vulnerability Intelligence and Attack Vectors - This widget provides a matrix of the Vulnerability intelligence categories cross matched with the CVSSv3 Attack Vector. 
• Vulnerability Intelligence Status - This widget provides a summary count of finding (current and fixed) alongside the count of assets with current findings, cross mapped for each Vulnerability Category. 
• Vulnerability Intelligent CVE Category - This widget correlates the Vulnerability Categories with EPSS.
• EPSS Affect on Vulnerability Age: Managing SLAs - This widget provides a view of findings with a Vulnerability Category assigned, EPSS Score and first seen date. 
• Vulnerability Intelligence Identified Threats by VPR - This widget provides a correlation between the Vulnerability Intelligence Categories and VPR Score.
• CVE Category Affect on Vulnerability Age: Managing SLAs - This widget provides a view of findings for each Vulnerability Category and the first seen date.