INTEGRATED MANDIANT THREAT INTELLIGENCE
Accelerate Vulnerability Prioritization with vulnerability threat intelligence
from Mandiant and CISA
FIX WHAT MATTERS MOST
Nucleus sits at the nexus of your vulnerability data, asset information, and embedded threat intelligence – providing contextually relevant data at your fingertips, allowing for automated response at scale.
Nucleus automatically enriches all vulnerability data, including SCA and pentest findings, using enterprise class vulnerability and threat intelligence powered by Mandiant. By combining the aggregation, analytics, and vulnerability management orchestration capabilities already provided within Nucleus with the insight and intelligence provided from the Mandiant team, practitioners can accelerate the vulnerability prioritization and triage process using automation at scale and have the data they need to rapidly make confident decisions and accurately assess the risk of vulnerabilities. Nucleus combines all the asset information, vulnerability data from scanning tools, and threat intelligence into one single platform for vulnerability teams to eliminate laborious manual data analysis, accelerate decision-making and prioritization, and remove major pain points that exist for all organizations trying to mature their vulnerability management programs.
Leading Enterprise Threat Intel
integrated threat intelligence from Mandiant is included with Nucleus, saving the significant expense of a standalone threat intel subscription.
Advanced vulnerability analysis, triage, and prioritization informed by the latest Mandiant vulnerability research.
CUSTOMIZED FOR YOU
Continuous monitoring of vulnerability exploitation activity targeting your industry, associated with known threat actors targeting your organization.
Automated response workflows based on Mandiant expert risk ratings, exploitation activity, or any combination of provided vulnerability, threat, or asset information.
Standardize Prioritization Across All Scanners
Every organization is using multiple scanners to assess their technology stack, leading to millions of vulnerabilities of different types, owned by different teams, in an organization. Businesses struggle with figuring out which vulnerabilities are going to be the most impactful to fix first. With the integrated threat intelligence in Nucleus:
- All threat data for vulnerabilities in your environment are automatically available to help you make decisions about what actions to take.
- You can have a standardized approach to prioritization of vulnerabilities across all your scanning tools, including SCA and penetration testing.
Automate Actions to Streamline Remediation
Use Threat Intelligence fields to take more intelligent automated actions when new data is discovered in Nucleus, such as:
- Set custom SLAs based on exploits in the wild, what mitigations are available, and associated threat actors.
- Assign vulnerabilities to the correct team so that the right information goes to the users who can take action.
- Create emergency ticketing rules to automatically route special tickets when triggered by setting up automated criteria for vulnerabilities.
Monitor the Right Metrics for Your Business
Combine the existing aggregation, analytics, and vulnerability management orchestration capabilities already provided in Nucleus with threat intelligence to monitor the metrics you care about:
- Use the asset organizational capabilities to report on threat-correlated vulnerability data at every level of your organization, such as seeing which teams have zero days open.
- Track metrics like how long it takes to fix vulnerabilities that are being widely exploited.
What Makes Mandiant Threat Intelligence Better?
With threat intelligence directly from the frontlines, gathered from multiple streams around the globe, Mandiant publishes research on an average of 350 vulnerabilities per day.
Over the last 15+ years, Maindiant has gained a reputation as the industry’s premier incident responder, attending 1000+ incident response engagements annually.
Mandiant deploys 300+ intelligence analysts and researchers located in 23 countries. We collect up to 1 million malware samples per day from more than 70 different sources.
Mandiant monitors approx. 4 million virtual guest images deployed globally in 102 countries, generating tens of millions of sandbox detonations per hour, confirming 50,000 – 70,000 malicious events per hour
Mandiant’s Managed Defense team performs detection and response services for over 300 customers from four international Cyber Threat Operations Centers.
Comprehensive Threat Intelligence
Nucleus also integrates additional vulnerability threat intelligence feeds to further improve vulnerability monitoring, prioritization, response, and remediation.
The Exploit Prediction Scoring System (EPSS) scores maintained by the Forum of Incident Response and Security Teams (FIRST) that predicts when software vulnerabilities could be exploited .
The CISA BOD 22-01 list of 300+ actively exploited vulnerabilities including their CVE scores, CISA details, and patch/fix deadlines; continuously updated with the most recent info available including updates to data, due dates, and new vulnerabilities.
In a single pane of glass, Nucleus correlates all organizational asset information, vulnerability data from network, application, cloud and container scanning tools, org charts, system hierarchies, and three complete feeds of vulnerability intelligence so practitioners can assess what matters most. Nucleus normalizes the data enabling teams to evaluate, triage, prioritize, and remediate much faster with greater precision.