Vulnerability scanners do a good job finding and reporting on the vulnerabilities and their corresponding risk scores. But prioritizing those risks for your specific organization is the real challenge. Most vulnerability management systems allow you to add modifiers that will raise or lower the risk scores based on environment variables such as the subnet the system is one, what apps the system supports, or what domain the system is in. Adding these risk variables are a good start, but it can still be difficult to prioritize thousands of vulnerabilities using just these metrics.
To address this problem, many companies will turn to threat feeds to add more context. Security teams will typically subscribe to multiple feeds, curate those feeds, remove irrelevant information, and deduplicate any redundant data. This is time-consuming, and organizations will often buy tools and services just to address these tasks.
Since you can't import threat intelligence into your vulnerability management system, the next step is to correlate this threat intelligence against your vulnerability data. Correlations between CVEs found in an article against vulnerability scan reports are most commonly done in a SEIM, or in spreadsheets in the worst-case scenarios. All of this adds up to a lot of time, expertise, infrastructure and money to get any value out of all this data. Even large organizations with plenty of resources aren't able to get all of this to work as easily and efficiently as they'd like.
Fletch was designed to help organizations overcome these limitations without having to set up analytics tools like a SEIM. Every weekday the Trending Threats app scans all the open source threat intelligence available, identifies the most severe trending threats, and delivers them to your inbox.
It takes 10 minutes to set up Fletch. By giving Fletch read-only access to your vulnerability management tool API, Fletch automatically does all the work and analysis for you, correlating your data with the latest news every day to identify which trending threats impact your resources.
Fletch puts the data in context, without the need to set up, configure, and manage complex tools. A great example of using automation, ML, and AI to free up under-resourced security teams from trivial data munging work, allowing them to focus on the most critical vulnerabilities impacting them today.
