Connect Match Identify

Vulnerability Intelligence

“A Vulnerability Intelligence program should be a key component of any sound network security strategy.  It should dovetail with a Vulnerability Assessment process and a patching/remediation process.  While a Vulnerability Assessment process will tell you what needs to be patched, Vulnerability Intelligence should tell you what needs to be patched first and what new patches need to be evaluated.

                                                                                                                                    Kevin Liston

Scanned vs Logical  Vulnerabilities

  •  fatstacks sRTMS associates CVE to inventory. call it logical vulnerabilities vs. scanned vulnerabilities.
  •  Scanning is technically challenging and expensive.
  •  Logical vulnerabilities have better coverage (agent).
  •  sRTMS found vulnerabilities missed by scanner and vice versa.

 Scanned + Logical = Vulnerability Intelligence