Frequently Asked Questions

Product Overview & Purpose

What is Nucleus Security and what does it do?

Nucleus Security is a risk-based vulnerability management platform that automates vulnerability discovery, prioritization, and remediation. It aggregates data from existing security tools, creating a centralized command center for vulnerability analysis and compliance alignment. The platform enables organizations to remediate vulnerabilities up to 10x faster and supports nearly 100 integrations for unified vulnerability inventory and enriched threat intelligence. Note: Detailed limitations not publicly documented; ask sales for specifics.

Features & Capabilities

What are the key features and capabilities of Nucleus Security?

Nucleus Security offers vulnerability aggregation, risk-based prioritization using asset context and threat intelligence, automation of remediation workflows (including ticketing and ownership assignment), compliance framework automation (NIST, FedRAMP, CISA), POA&M compliance for federal and SLED entities, cloud and application security integration, asset management, and AI-powered threat intelligence enrichment. Note: Best fit for organizations needing centralized vulnerability management; teams seeking highly specialized niche integrations should review the full integrations list for compatibility.

What integrations does Nucleus Security support?

Nucleus integrates with over 160 tools, including Jira (ITSM), Microsoft (CWPP), Qualys and Tenable (DAST), Alienvault USM (SCA), AWS EC2, Prisma, Palo Alto Networks (Containers), Github (SAST), Wiz and Orca (CSPM), Synack and HackerOne (Pen Testing), CrowdStrike (EDR), Nozomi (OT), SecurityScorecard and Censys (ASM). For the full list, visit Nucleus Integrations. Note: Some legacy or highly specialized tools may require custom integration; check documentation for specifics.

Does Nucleus Security offer an API?

Yes, Nucleus provides an API for interacting with its database, enabling custom dashboards and reports, integration with SIEM/SOAR tools, and real-time updates. Full API documentation is available at Nucleus API Docs. Note: API usage may require technical expertise for custom implementations.

What technical documentation and resources are available for Nucleus Security?

Nucleus offers API documentation (API Docs), FlexConnect Framework setup guides (FlexConnect Docs), a support portal (help.nucleussec.com), and Quickstart onboarding guides (Quickstart). Note: Some advanced features may require additional technical onboarding.

Performance & Implementation

How fast can Nucleus Security be implemented, and how easy is it to start?

Nucleus integrates with over 200 tools out of the box, enabling onboarding in hours instead of weeks. Prebuilt connectors and reusable templates simplify deployment. Customers have access to step-by-step guides, video tutorials, and a dedicated support portal. Customer Success Managers and a responsive technical support team assist with implementation and troubleshooting. Note: Large-scale or highly customized deployments may require additional planning.

What performance improvements and outcomes have customers reported with Nucleus Security?

Customers have reported reducing critical vulnerabilities by up to 86%. The platform offers faster performance, increased resiliency, customizable dashboards, and real-time reporting. For example, a Tier-1 airline reduced 86% of critical vulnerabilities, and Bank of Hope achieved zero critical vulnerabilities. Note: Results may vary based on organization size and complexity.

Security & Compliance

What security and compliance certifications does Nucleus Security hold?

Nucleus Security is SOC2 compliant and holds FedRAMP Moderate Authorization, meeting rigorous requirements for cloud services used by the U.S. Federal Government. The platform also automates compliance framework controls for NIST, FedRAMP, and CISA. Note: For organizations requiring additional certifications, verify with sales for specifics.

How does Nucleus Security protect customer data?

Nucleus employs industry-standard administrative, physical, and technical safeguards to protect the security, confidentiality, and integrity of customer data. It warrants compliance with all applicable laws and regulations, including breach notification laws, under its Master Service Agreement. Note: For detailed data handling policies, refer to the legal documentation or contact support.

Use Cases & Benefits

What problems does Nucleus Security solve for organizations?

Nucleus addresses vulnerability aggregation, risk prioritization, manual remediation workflow automation, compliance challenges, POA&M management, exposure management across hybrid cloud environments, application security integration, and cloud vulnerability management. Note: Best fit for organizations with complex infrastructures; smaller teams may require a scaled-down approach.

Who can benefit from using Nucleus Security?

Roles include Security Analysts, Development and IT Teams, CISOs and Security Leadership, GRC and Compliance Teams. Companies in regulated industries (healthcare, finance, government), large enterprises, MSSPs, and public sector entities (federal, SLED) are ideal users. Note: Organizations with minimal vulnerability management needs may find the platform more than required.

What business impact can customers expect from using Nucleus Security?

Customers can expect improved operational efficiency, enhanced security outcomes, cost savings, compliance support, centralized visibility, proven ROI (up to 86% reduction in critical vulnerabilities), faster remediation, and increased customer engagement (e.g., Orange Cyberdefense saw 85% weekly usage among its customers). Note: Impact depends on organizational maturity and adoption.

Customer Proof & Success Stories

Can you share specific case studies or success stories of customers using Nucleus Security?

Yes. Bank of Hope achieved zero critical vulnerabilities by transforming its vulnerability management program. A Tier-1 airline reduced 86% of critical vulnerabilities. A healthcare enterprise replaced Kenna with Nucleus, reducing its backlog from 4,000 vulnerabilities to nine critical threats. Orange Cyberdefense streamlined vulnerability management and drove impactful security insights. UCSB transformed its risk management approach. NRECA achieved centralized risk visibility and action. For more, visit Customer Stories. Note: Results may vary; review case studies for context.

What industries are represented in Nucleus Security's case studies?

Industries include banking and financial services, airlines, healthcare, cybersecurity services, education, energy and utilities, retail and consumer goods, public sector, and technology. Note: Industry-specific needs may require tailored solutions; consult sales for details.

Who are some of Nucleus Security's customers?

Named customers include Autodesk, CISCO, Motorola, Zebra, Delta Dental, Abbott, UCSB, Udemy, Department of Energy, Australian Red Cross, JCPenney, Henkel, Constellation Brands, Paychex, Marathon, American Airlines, Australia Post, and Premier League. For a comprehensive list, visit Nucleus Platform. Note: Customer fit depends on industry and use case.

What feedback have customers provided about the ease of use of Nucleus Security?

Customers report that Nucleus is easy to use, with intuitive automation and a smooth onboarding process. For example, a Manager of Security Architecture in Healthcare said, "Nucleus Security has been an exceptional partner from the beginning…After purchasing, they offered one of the best onboarding/implementations I’ve worked with, and the product is easy to use." A SOC Operations Manager in IT Services commented, "The automation is very easy to navigate and provides immediate value for the product and our process." Note: Ease of use may depend on team size and technical expertise.

CISA KEV Enrichment Dashboard

What is the Nucleus Security CISA KEV Enrichment Dashboard?

The CISA KEV Enrichment Dashboard is a free tool from Nucleus Security that enables vulnerability researchers to quickly observe known and exploitable vulnerabilities identified by CISA and layer additional enrichment intelligence onto their vulnerability prioritization. It provides a complete list of the CISA Known Exploitable Vulnerabilities (KEV) Catalog, enriched with CVSS, EPSS, and GreyNoise Threat Intelligence. Note: The dashboard is best suited for researchers and teams prioritizing vulnerabilities based on real-world exploitation data.

What enrichment data does the CISA KEV Enrichment Dashboard provide?

The dashboard enriches the CISA KEV Catalog with CVSS scores, EPSS scores, and GreyNoise Threat Intelligence. For example, 33% of CISA KEV vulnerabilities have an EPSS score higher than 0.5, indicating a 50% probability of exploitation in the next 30 days. GreyNoise detected 145 unique CISA KEV vulnerabilities with scanning and exploitation attempts over a 90-day period. Note: The enrichment is limited to available threat intelligence feeds; additional context may require external sources.

What are the most exploited vendors and products according to the CISA KEV Enrichment Dashboard?

The top five most exploited vendors are Microsoft, Adobe, Cisco, Apple, and Google, making up more than 53% of all vendors included. The most exploited products are Microsoft Windows, Adobe Flash Player, Microsoft Internet Explorer, Microsoft Office, and Google Chrome. Note: Alternatives to these products may also appear on the KEV list; keeping software up to date is critical.

How does the CISA KEV Enrichment Dashboard help with vulnerability prioritization?

The dashboard highlights gaps in CVSS scoring, showing that 12% of exploited vulnerabilities have a CVSS score below 7.0. It enables organizations to prioritize remediation based on real-world exploitation activity, not just CVSS scores. EPSS scores and GreyNoise threat intelligence provide predictive indicators and validation for prioritization. Note: Sole reliance on CVSS may leave organizations exposed; use multiple threat feeds for comprehensive prioritization.

Press Release: Nucleus Security Releases Free CISA KEV Enrichment Dashboard

Kevin Swartz
November 1, 2022
Company
CISA KEV Dashboard

Nucleus Security Releases Free CISA KEV Enrichment Dashboard and Research, Providing Further Insight Into Vulnerability Prioritization

One year after CISA released the Known Exploited Vulnerabilities catalog, Nucleus Security’s new Enrichment Dashboard offers vulnerability researchers deeper context and insight into each release.

SARASOTA, Fla.–(BUSINESS WIRE)–Nucleus Security, a leader in risk-based vulnerability management and process automation, today launched the CISA KEV Enrichment Dashboard, a free tool that enables vulnerability researchers to quickly observe known and exploitable vulnerabilities identified by CISA and layer additional enrichment intelligence onto their vulnerability prioritization. The CISA KEV Vulnerability Enrichment Dashboard provides a complete list of the CISA Known Exploitable Vulnerabilities (KEV) Catalog, which is then enriched with CVSS, EPSS and GreyNoise Threat Intelligence.

“The CISA KEV is one of the best free sources of vulnerability intelligence available today, but the data is limited to just a few informational fields and doesn’t provide any context regarding the observed exploitation activity.” – Stephen Carter, Co-Founder and CEO of Nucleus Security.

There are approximately 198,000 known critical vulnerabilities and exposures (CVE), of which only a small subset are confirmed as actively being exploited. The CISA KEV catalog names less than .5% of all identified CVEs – drawing attention to those that are the most risky and confirmed as being active or exploited. The CISA KEV list itself also exposes some of the primary weaknesses in CVSS scoring, which many organizations use to decide and prioritize which vulnerabilities to patch by using a CVSS score of 7 or higher to determine which vulnerabilities to remediate. However, 12% of vulnerabilities that are confirmed as exploited by CISA have a CVSS score below 7.0.

The above data demonstrates that organizations that prioritize remediation solely based on CVSS are leaving themselves open to vulnerabilities that have been, or are actively being, exploited in the wild. The Nucleus Security CISA KEV Enrichment Dashboard aims to close these gaps by providing more context and guidance to vulnerability researchers. Through their research, and the development of the CISA KEV Enrichment Dashboard, Nucleus Security has made the following observations as of October 2022:

Most Exploited Vendors

  • The top five most exploited vendors on the CISA KEV list include Microsoft, Adobe, Cisco, Apple and Google, making up more than 53% of all vendors included.
  • Certain brands, like Apple, carry a perception that just buying and using them will keep you secure. However, as we see from the CISA KEV list, you also must keep them up to date.

Most Exploited Software

  • The top five most exploited products on the CISA KEV list include Microsoft Windows, Adobe Flash Player, Microsoft Internet Explorer, Microsoft Office, and Google Chrome.
  • Avoiding Microsoft Windows, Microsoft Office, and Google Chrome isn’t practical for most organizations, and it is important to note that the alternatives to Windows and Chrome, at the very least, are also on this list.

Exploitation Activity is Validated by GreyNoise

  • Over a 90-day period, GreyNoise detected 145 unique CISA KEV Catalog vulnerabilities that had scanning and exploitation attempts in the wild.
  • Threat intelligence like this provides further validation in the value of using multiple threat feeds for discovering exploitation which should be used to prioritize vulnerability remediation.

High EPSS Scores as Predictive Indicators of Potential CISA KEV Candidates

  • When looking at Nucleus’s CISA KEV Enrichment Dashboard, 33% of CISA KEV vulnerabilities have an EPSS score higher than .5, or a 50% probability of being exploited in the next 30 days. However, when looking at EPSS scoring distribution across NVD, only 1.4% of all vulnerabilities have a score of .5 or higher.
  • EPSS is likely a good predictive indicator of what vulnerabilities could be future candidates for landing on the CISA KEV list.

End of Life Products

  • Two of the most common products often featured on the CISA KEV list are “end of life”: Adobe Flash and Internet Explorer.
  • It is often difficult for organizations to eradicate tools like Internet Explorer because legacy software dependencies on internet explorer are still relatively common on corporate intranets. Keeping Internet Explorer up to date and putting rules in your web proxy to keep Internet Explorer off the public internet is prudent.

“The CISA KEV is one of the best free sources of vulnerability intelligence available today, but the data is limited to just a few informational fields and doesn’t provide any context regarding the observed exploitation activity,” said Stephen Carter, Co-Founder and CEO of Nucleus Security. “We needed a way to quickly analyze and further prioritize the hundreds of vulnerabilities in the KEV, and we did that by enriching it with other sources of vulnerability intelligence. It was immediately clear that we had a case where the whole is greater than the sum of its parts, and we wanted to make this available to the community.”

The Nucleus CISA KEV Enrichment Dashboard, available to anyone, allows vulnerability enrichment data to be easily sorted, searched, and exported. To learn more about CISA KEV and how to use the Enrichment Dashboard for vulnerability prioritization, check out Nucleus Security’s Guide to CISA KEV. You can also check out more observations and insights from the Nucleus Security research team in this recent post, Top CISA KEV Observations.

About Nucleus Security
Nucleus Security is a Risk-Based Vulnerability Management (RBVM) solution that automates time-consuming vulnerability management processes, enabling large and complex enterprises to scale their vulnerability management program and remediate vulnerabilities 10x faster. Supporting nearly 100 integrations, Nucleus Security creates a unified vulnerability inventory, fully enriched with the world’s leading threat intelligence, and provides the automation engine needed to eliminate the stovepipes of chaos found in large enterprise vulnerability management programs today. Harness the power of a unified vulnerability solution today at https://nucleussec.com/.

Contacts

Media
Taylor Hadley
LaunchTech Communications
(978) 877-2113
[email protected]

Kevin Swartz
Senior Director of Demand Generation

See Nucleus in Action

Discover how unified, risk-based automation can transform your vulnerability management.