カテゴリー: cybersecurity-only

Leo understands cyber attacks

Posted on by Sarah Hartland
New Feature
Easily track critical cyber attacks across your industry and supply chain.

The only constant in the realm of cyber security is change; hackers are continuously maturing and becoming more sophisticated, attack patterns are constantly evolving, and the threat landscape is growing more volatile every day; one cyber attack occurs every 39 seconds.

That’s why we’ve enhanced Leo’s knowledge of cyber attacks, targets, and industries so you can keep pace with the threat landscape and do what you do best: maintain the integrity of your security posture. You can ask Leo, your AI research assistant, to flag critical cyber attacks in your feeds and focus on specific attacks targeting your industry or supply chain. You can also push attack insights to your internal platforms via the Feedly API.

Go to video tutorial

Track all types of cyber attacks with a single smart topic priority

Leo flags important information to focus your efforts on targeted insights. Leo understands cyber attacks because we taught him about malware, ransomware, data breaches, phishing, social engineering, and fraud.

You can train Leo further and have him focus on the specific topics, threats, and threat actors you care about to gain a deeper understanding of the threat landscape as it applies to you.

From a proactive monitoring perspective, the power of using Feedly and Leo is to actually inform you of breaches before anyone else knows.”

Cybersecurity Analyst at a top energy provider

You can start by training Leo to recognize cyber attacks as a smart topic, a concept that Leo has been trained to understand with our AI models. Simply navigate to the security category you want to add this insight to and enter “cyber attack” as a topic. Training Leo to highlight cyber attacks in your security feed keeps you up-to-date with the most recent reports. Highlighting the attacks that are actually being conducted in the wild helps you effectively prioritize and ensures you never miss a thing. 

Focus on attacks targeting specific industries or Fortune 500 companies

We’ve taught Leo to recognize 19 industry sectors to ensure you always have the most current industry-relevant threat intelligence at your fingertips. Don’t see your industry? No problem! Ask us and we’ll teach Leo to recognize it.

We were able to turn the list of our top partners into a Leo Priority and ask Leo to flag cyberattacks targeting those partners. That’s how we identified that one of our vendors had been breached a week before that the actual company told us.”

Cybersecurity Analyst at top energy provider

Leo also recognizes each company listed in the Forbes Fortune 500 list to help you optimize and maintain your vendor security initiatives.You can gain these deeper insights simply by adding the industry or company you want Leo to flag for you. 

You can use Leo to detect new risks, reinforce your vendor risk programs, and potentially be the first to discover a breach. 

Track attacks targeting your supply chain

Track up to 1,000 vendors in your supply chain to see the most relevant cyber attacks early.

Supply chain attacks have been in the limelight recently. Now, Leo can help you cross-reference your known vulnerabilities with the latest threat intelligence. Proactive alerting informs you of critical vulnerabilities, cyber attacks, and emerging threats before anyone else. Need to know about zero-day exploits as soon as they are targeted? No problem. Need to create your own list of companies you want to track? Leo has your back.

Leo continuously gets smarter and more accurate. This process is optimized with your feedback! With the ‘Less Like This’ button, you can let Leo know the article he prioritized is wrong or not relevant to you. 

Everything you need, nothing you don’t

Every second counts in cybersecurity. You tell Leo what you want and he populates the insights you need, when you need them.

Leo does the work upfront so you can filter out the noise and save massive time, working smarter and faster. Up to 80% faster.

Before using Leo to track cyber attacks, we would struggle with an overload of data and waste time sifting through information. Our feed is now 2-3 times shorter, we do not miss out on any important cyber attacks and we earned back so much time!

Anonymous Cybersecurity Analyst

Want to track specific cyber attacks in your field?

The Leo Cyber Attack skill is one of Leo’s advanced AI skills in the Feedly for Cybersecurity package.

Start 30 day trial

You might also be interested in

Research critical vulnerabilities with the Leo CVE Dashboard

Contextualized CVE information for faster threat research, without the overwhel

How an Australian energy provider stays on top of critical cyber threats with Feedly

This analyst team designed AI-powered security Feeds in Feedly that proactively alert them about specific topics, threats, and threat actor

Research critical vulnerabilities with the Leo CVE Dashboard

Posted on by Sarah Hartland
New Feature
Contextualized CVE information for faster threat research, without the overwhelm

Cyber attacks are increasing in volume and sophistication across every industry and category, leaving threat analysts and frontline security teams faced with a flood of information. The consequences of missing critical information are astronomical, but no human can keep up with this onslaught of data on their own. 

You need relevant, real-time, accurate information – and scrolling through an endless list of sources won’t get you there. That’s why we’re excited to announce that Leo, your AI research assistant, now aggregates information on vulnerabilities, exploits, malware families, and threat actors into a single view so that he can help you proactively track and research CVEs. 

The Leo CVE Dashboard gives you at-a-glance visibility into relevant trending vulnerabilities, and you can use Leo to focus any of your feeds for faster insight into risks impacting your business’s software, hardware, and application stack. 

Information overload is real. This is why we enhanced Leo’s cybersecurity knowledge graph so  he can help you proactively track and research critical vulnerabilities and zero-day exploits relevant to you

With Leo, you can prioritize the CVEs that impact your organization’s technology stack and reduce the time it takes to investigate threats by up to 70%. All of this information is available at a glance via the Leo CVE Dashboard and throughout your Feeds.

Try Feedly for Cybersecurity

Before using Feedly for Cybersecurity, my biggest challenge was to quickly sort through all the data to find the top CVEs by mention, and track their relationships with exploits, patches, etc. It would take a lot of work to search through unstructured text and large bulk files. With Leo, it’s so much easier to quickly review details of a CVE and its associated relationships.

Michael Rossi, Independent Security Consultant, Cybeta

The Leo CVE Dashboard: a complete CVE overview in a glimpse 

If you want to dive deeper into a CVE, exploit, or threat, Leo synthesizes vulnerability, patch, exploit/PoC, malware, and threat actor information into a single CVE Dashboard. Leo eliminates the time you used to spend opening a new browser tab, searching, browsing for the resource you want, and skimming everything individually to find what mattered.

Instead of having dozens of research tabs open in your browser, The Leo CVE Dashboard consolidates the information into a single location where you have at-a-glance views of:

  • CVSS score and vector string 
  • CWE
  • Affected systems, including vendor advisories
  • Exploit information
  • Patches
  • Associated malware families
  • Associated threat actors
  • Awareness graph
  • Number of Web and Social Media mentions, including Twitter and Reddit

For new vulnerabilities that don’t have a CVSS assigned yet, Leo uses a proprietary NLP model based on the CVSS v3 methodology to forecast this score. This way, you can spot new threats and take proactive steps in real-time.

Color-coding helps you make quick decisions about the next steps in your investigation. The darker the color on the Awareness graph, the more people are talking about the CVE across the web.

Get complete CVE overviews in a glimpse.

Leo provides links to all the external resources you need to investigate the CVE, so  you can more rapidly respond to threats and improve important cybersecurity metrics like mean time to detection (MTTD), mean time to investigate (MTTI), and mean time to remediate (MTTR). 

Dig deeper, faster, to determine if a specific vulnerability represents a critical risk for your organization based on its technology stack to decide whether to flag the intel and share it with the rest of your team.

For example, you can click on “Affected System” or “Patched” to go directly to those sources like the National Institute of Standards and Technology (NIST) National Vulnerability Database or websites with patches for remediation purposes. 

Click elements on the dashboard for more context and source material.

Before using Feedly for Cybersecurity, it was hard to prioritize which vulnerabilities were more important at a glance and determine if they applied to our networks. Now that we use Leo, we have been saving so much time, it’s much appreciated!

– Feedly for Cybersecurity Customer

Leo can surface relevant critical vulnerabilities across your Feeds

In addition to his interactive CVE Dashboard, Leo also prioritizes the most recent and talked about CVEs, right on your Today page. Simply click on a CVE name to see the dashboard complete with the information necessary for critical decision-making.

Leo knows cybersecurity because we taught him about CVE, CVSS, exploits, patches, threat actors, and other security intelligence concepts. Leo summarizes the information from various resources including NVD, vendor advisories, blogs, Twitter, and Reddit so you don’t have to check each location, sifting through posts unrelated to the CVE you care about.

The Trending in Cybersecurity dashboard showcases the top 5 trending vulnerabilities.

You can add new Leo Priorities on top of your current feed to add contextual business risk. For example, if your technology stack includes Oracle, Adobe, and Google Chrome, but not Samba, you can refine Leo’s priorities so you only see what’s relevant to your organization. 

Train Leo to prioritize vulnerabilities based on CVSS score to increase the relevance of your feed. Leo can flag risks related to your organization’s unique technology stack so you can out pace attackers.

You can start by training Leo to surface CVE’s based on Qualitative Severity Rating Scale — choose our preset for “high” or specify the CVSS scores to build your organization’s context into what you see.

Training Leo by using “HIGH” in combination with either products or vulnerability types personalizes your feed based on your organization’s unique needs. This lets you focus on the risks specific to your organization, weeding out the information you don’t need.

Surface the critical (CVSS > 8 or CVSS > 5 and exploit) vulnerabilities related to Oracle, Adobe, and Chrome.

All of these features, plus several more, are available as a part of Feedly for Cybersecurity. This package of Leo skills, enterprise features, and advanced knowledge graph access is perfect for cybersecurity teams that need to reduce noise and quickly identify risks. To learn more about any of these features, or start a free 30-day trial, click the link below. 

Try Feedly for Cybersecurity

Save time researching CVEs so you can spend more time securing them.

Start 30 Day Trial