Leo is now integrated with 15 vendor advisories, giving you real-time access to relevant CVE and CVSS information, directly in your feed.
TRanscript
New Leo CVE Skill – Vendor Advisory Integrations
“Hi folks, this is Remi from Feedly. I wanted to share with you the latest updates on the Leo cybersecurity skills, which has to do with vendor advisory integration. Very exciting one.
The premise for this is that we’ve heard from a lot of our customers that connecting Leo’s knowledge graph directly to vendor advisory sites would be highly beneficial to get updates on CVEs faster, basically immediately as they get published on those vendor sites.
So we built it as you can see, we started integration with the most prominent vendor sites, as you can see here. So we’ve got our Microsoft, Oracle, Cisco if you have any vendor of choice that is not in this list, please let us know because we’re continuously adding more vendor sites to to the knowledge graph. Your feedback is important and will be taken into consideration.
To show you what that looks like, if you take a look at your Today page and your CVE dashboard and your trending vulnerabilities on the right hand side, you can zoom in to this latest vulnerability for Microsoft from a couple of days ago. Click on the CVSS score, which just normally just opens up the NVD page for that vulnerability, you can see that at the NVD level, this is still under undergoing analysis. And there isn’t much detail about it yet on the Phoebe side of things.
Thanks to Leo, you still have all of the elements that appear over here, as well as your usual reference articles and all the chatter around that particular CVE. This is because Leo is picking up that information directly from the Microsoft site and makes all of these updates again, almost in real time. So the outcome of this is that you can really be aware of what’s happening around these critical vulnerabilities sooner without having to go individually to all these other sites and looking up IDs.”
Which vendor advisories does Leo integrate with already?
Mozilla, Google Android, Microsoft MSRC, CISA, Google Chrome, F5, Cisco, Apple, Redhat, ZDI, Oracle, Dell, Adobe, Jenkins, ElasticSearch
I don’t see a vendor advisory I need on this list – can you add it?
Yes! Contact your Customer Success Manager and we are happy to connect additional vendor advisories for you.
Contextualized CVE information for faster threat research, without the overwhelm
Cyber attacks are increasing in volume and sophistication across every industry and category, leaving threat analysts and frontline security teams faced with a flood of information. The consequences of missing critical information are astronomical, but no human can keep up with this onslaught of data on their own.
You needrelevant, real-time, accurate information – and scrolling through an endless list of sources won’t get you there. That’s why we’re excited to announce that Leo, your AI research assistant, now aggregates information on vulnerabilities, exploits, malware families, and threat actors into a single view so that he can help you proactively track and research CVEs.
The Leo CVE Dashboard gives you at-a-glance visibility into relevant trending vulnerabilities, and you can use Leo to focus any of your feeds for faster insight into risks impacting your business’s software, hardware, and application stack.
Information overload is real. This is why we enhanced Leo’s cybersecurity knowledge graph so he can help you proactively track and research critical vulnerabilities and zero-day exploits relevant to you.
With Leo, you can prioritize the CVEs that impact your organization’s technology stack and reduce the time it takes to investigate threats by up to 70%. All of this information is available at a glance via the Leo CVE Dashboard and throughout your Feeds.
Before using Feedly for Cybersecurity, my biggest challenge was to quickly sort through all the data to find the top CVEs by mention, and track their relationships with exploits, patches, etc. It would take a lot of work to search through unstructured text and large bulk files. With Leo, it’s so much easier to quickly review details of a CVE and its associated relationships.”
Michael Rossi, Independent Security Consultant, Cybeta
The Leo CVE Dashboard: a complete CVE overview in a glimpse
If you want to dive deeper into a CVE, exploit, or threat, Leo synthesizes vulnerability, patch, exploit/PoC, malware, and threat actor information into a single CVE Dashboard. Leo eliminates the time you used to spend opening a new browser tab, searching, browsing for the resource you want, and skimming everything individually to find what mattered.
Instead of having dozens of research tabs open in your browser, The Leo CVE Dashboard consolidates the information into a single location where you have at-a-glance views of:
Number of Web and Social Media mentions, including Twitter and Reddit
For new vulnerabilities that don’t have a CVSS assigned yet, Leo uses a proprietary NLP model based on the CVSS v3 methodology to forecast this score. This way, you can spot new threats and take proactive steps in real-time.
Color-coding helps you make quick decisions about the next steps in your investigation. The darker the color on the Awareness graph, the more people are talking about the CVE across the web.
Get complete CVE overviews in a glimpse.
Leo provides links to all the external resources you need to investigate the CVE, so you can more rapidly respond to threats and improve important cybersecurity metrics like mean time to detection (MTTD), mean time to investigate (MTTI), and mean time to remediate (MTTR).
Dig deeper, faster, to determine if a specific vulnerability represents a critical risk for your organization based on its technology stack to decide whether to flag the intel and share it with the rest of your team.
For example, you can click on “Affected System” or “Patched” to go directly to those sources like the National Institute of Standards and Technology (NIST) National Vulnerability Database or websites with patches for remediation purposes.
Click elements on the dashboard for more context and source material.
“Before using Feedly for Cybersecurity, it was hard to prioritize which vulnerabilities were more important at a glance and determine if they applied to our networks. Now that we use Leo, we have been saving so much time, it’s much appreciated!“
– Feedly for Cybersecurity Customer
Leo can surface relevant critical vulnerabilities across your Feeds
In addition to his interactive CVE Dashboard, Leo also prioritizes the most recent and talked about CVEs, right on your Today page. Simply click on a CVE name to see the dashboard complete with the information necessary for critical decision-making.
Leo knows cybersecurity because we taught him about CVE, CVSS, exploits, patches, threat actors, and other security intelligence concepts. Leo summarizes the information from various resources including NVD, vendor advisories, blogs, Twitter, and Reddit so you don’t have to check each location, sifting through posts unrelated to the CVE you care about.
The Trending in Cybersecurity dashboard showcases the top 5 trending vulnerabilities.
You can add new Leo Priorities on top of your current feed to add contextual business risk. For example, if your technology stack includes Oracle, Adobe, and Google Chrome, but not Samba, you can refine Leo’s priorities so you only see what’s relevant to your organization.
Train Leo to prioritize vulnerabilities based on CVSS score to increase the relevance of your feed. Leo can flag risks related to your organization’s unique technology stack so you can out pace attackers.
You can start by training Leo to surface CVE’s based on Qualitative Severity Rating Scale — choose our preset for “high” or specify the CVSS scores to build your organization’s context into what you see.
Training Leo by using “HIGH” in combination with either products or vulnerability types personalizes your feed based on your organization’s unique needs. This lets you focus on the risks specific to your organization, weeding out the information you don’t need.
Surface the critical (CVSS > 8 or CVSS > 5 and exploit) vulnerabilities related to Oracle, Adobe, and Chrome.
All of these features, plus several more, are available as a part of Feedly for Cybersecurity. This package of Leo skills, enterprise features, and advanced knowledge graph access is perfect for cybersecurity teams that need to reduce noise and quickly identify risks. To learn more about any of these features, or start a free 30-day trial, click the link below.
Try Feedly for Cybersecurity
Save time researching CVEs so you can spend more time securing them.
