Nucleus and Mandiant Integration Accelerate prioritization and response with integrated threat and vulnerability intelligence from Mandiant—included free with Nucleus. INTEGRATED THREAT INTELLIGENCE

See Why Nucleus Partnered with Mandiant  |  Watch Video



Nucleus sits at the nexus of your vulnerability data, asset information, and embedded threat intelligence – providing contextually relevant data at your fingertips, allowing for automated response at scale.

Nucleus VM Triangle

Nucleus now automatically enriches all vulnerability data, including SCA and pentest findings, using enterprise class vulnerability and threat intelligence powered by Mandiant, at no additional cost to Nucleus customers. By combining the aggregation, analytics, and vulnerability management orchestration capabilities already provided within Nucleus with the insight and intelligence provided from the Mandiant team, practitioners can accelerate the vulnerability prioritization and triage process using automation at scale and have the data they need to rapidly make confident decisions and accurately assess the risk of vulnerabilities. Nucleus now combines all the asset information, vulnerability data from scanning tools, and now threat intelligence into one single platform for vulnerability teams to eliminate laborious manual data analysis, accelerate decision-making and prioritization, and remove major pain points that exist for all organizations trying to mature their vulnerability management programs.

Leading Enterprise Threat Intel – No Cost to You.

Custom integrated threat intelligence from Mandiant is included with Nucleus at no additional cost, saving the significant expense of a standalone threat intel subscription.


Advanced vulnerability analysis, triage, and prioritization informed by the latest Mandiant vulnerability research.


Continuous monitoring of vulnerability exploitation activity targeting your industry, associated with known threat actors targeting your organization.


Automated response workflows based on Mandiant expert risk ratings, exploitation activity, or any combination of provided vulnerability, threat, or asset information.


Standardize Prioritization Across All Scanners

Every organization is using multiple scanners to assess their technology stack, leading to millions of vulnerabilities of different types, owned by different teams, in an organization. Businesses struggle with figuring out which vulnerabilities are going to be the most impactful to fix first. With the now integrated threat intelligence in Nucleus:

  • All threat data for vulnerabilities in your environment are automatically available to help you make decisions about what actions to take.
  • You can have a standardized approach to prioritization of vulnerabilities across all your scanning tools, including SCA and penetration testing.
Nucleus Prioritization
Automate Actions

Automate Actions to Streamline Remediation

Use Threat Intelligence fields to take more intelligent automated actions when new data is discovered in Nucleus, such as:

  • Set custom SLAs based on exploits in the wild, what mitigations are available, and associated threat actors.
  • Assign vulnerabilities to the correct team so that the right information goes to the users who can take action.
  • Create emergency ticketing rules to automatically route special tickets when triggered by setting up automated criteria for vulnerabilities.

Monitor the Right Metrics for Your Business

Combine the existing aggregation, analytics, and vulnerability management orchestration capabilities already provided in Nucleus with threat intelligence to monitor the metrics you care about:

  • Use the asset organizational capabilities to report on threat-correlated vulnerability data at every level of your organization, such as seeing which teams have zero days open.
  • Track metrics like how long it takes to fix vulnerabilities that are being widely exploited.
Vulnerability Filters

What Makes Mandiant Threat Intelligence Better?

With threat intelligence directly from the frontlines, gathered from multiple streams around the globe, Mandiant publishes research on an average of 350 vulnerabilities per day.


Over the last 15+ years, Maindiant has gained a reputation as the industry’s premier incident responder, attending 1000+ incident response engagements annually.


Mandiant deploys 300+ intelligence analysts and researchers located in 23 countries. We collect up to 1 million malware samples per day from more than 70 different sources.


Mandiant monitors approx. 4 million virtual guest images deployed globally in 102 countries, generating tens of millions of sandbox detonations per hour, confirming 50,000 – 70,000 malicious events per hour


Mandiant’s Managed Defense team performs detection and response services for over 300 customers from four international Cyber Threat Operations Centers.

BUT, WAIT! There’s More…

Nucleus also integrates two additional vulnerability threat intelligence feeds to further improve vulnerability monitoring, prioritization, response, and remediation.


The Exploit Prediction Scoring System (EPSS) scores maintained by the Forum of Incident Response and Security Teams (FIRST) that predicts when software vulnerabilities could be exploited .

CISA BOD-22-01

The CISA BOD 22-01 list of 300+ actively exploited vulnerabilities including their CVE scores, CISA details, and patch/fix deadlines; continuously updated with the most recent info available including updates to data, due dates, and new vulnerabilities.

In a single pane of glass, Nucleus correlates all organizational asset information, vulnerability data from network, application, cloud and container scanning tools, org charts, system hierarchies, and three complete feeds of vulnerability intelligence so practitioners can assess what matters most. Nucleus normalizes the data enabling teams to evaluate, triage, prioritize, and remediate much faster with greater precision. 

Want to see it in action? Take a Demo on Demand

Take it for a spin with a Guided Tour