Prioritize your risk posture with vFeed

vFeed, Inc technology and engines transforms big data into correlated vulnerability and threat intelligence database and multi-format feeds. DNIF crosslinks its references with the vFeeds framework and expands the vulnerability description.

threat intelligence

Complete visibility of your organization's risk exposure.

Trusted Intelligence at your fingertips

vFeed correlates hundreds of sources to extend the vulnerabilities accuracy by eliminating false positives, standardizing the content and enabling a viable way to assess the real risk. vFeeds is leveraged by security researchers, penetration testers, Security auditors and security tool vendors to describe vulnerabilities in detail.

  • Aligned with all SCAP requirements.
  • Compliant with MITRE industry standards.
  • Mapped with vulnerability solutions identifiers.
  • Cross-linked with security advisories.
  • Enrich your reports and findings.
  • Achieve vulnerability risk assessment.

vFeed + DNIF

vFeeds Core engine, contains a large dataset of information that companies need to enrich their vulnerability and threat intelligence solutions. With vFeed and DNIF - The comprehensive set of detective, corrective and preventive scripts and rules cross-referenced within the database will effectively reduce the effort and time to mitigate the identified threat or vulnerability.

Key Features:

  • Map identified threat vectors with associated vulernability information, like CVEs, CWEs and OVAL information.
  • Extending the support of version 2.3 of the CPE Standard.
  • Connect the dots faster during threat hunting with MITRE standards (CAPEC, CWE …)
  • Analyze and correlate data from 100+ sources with added contextual information like exploits, scanners, patches, IPS and much more.
  • Support of version 2 and 3 of the CVSS Standard

Leverage CVE Information In Your Threat Hunting Workflows

Vulnerabilities are programming errors that attackers use as stepping stones to gain access to a network or system and perform unauthorized activities, often while posing as an authorized user. In contrast, exposures are system configurations or states that could facilitate a successful attack. For example, exposures may allow attackers to gain information or hide their actions.

CVE, which stands for Common Vulnerabilities and Exposures, is a database whose purpose is to standardly identify all publicly known security vulnerabilities and exposures. Every CVE entry has a unique identifier consisting of year it was published and a four-digit serial number. Using the _lookup directive in DNIF, we’re going to be using some functions in vFeed to incorporate these CVE entries into a security workflow.

Detect malicious IP addresses - A complete use case walkthrough

Threat Intelligence / Related Blogs