What is Vulnerability Intelligence?
August 10, 2021 • RBS
If you’re familiar with our work, you have most likely heard “vulnerabilities this” or “vulnerability intelligence that” – but what is a vulnerability and what does Vulnerability Intelligence (VI) actually mean?
A vulnerability is a flaw in computer software or hardware that allows an attacker to cross privilege boundaries. This may allow for the disclosure of sensitive information, tampering with the integrity of the system, or denying legitimate users access to service or information (i.e. denial of service).
Vulnerability Intelligence is a specific form of threat intelligence focused on the aggregation or dissemination of information about computer vulnerabilities that may put organizations at risk.
According to Upguard, vulnerabilities are the number one cause of data breaches. By taking advantage of flaws hackers can gain a foothold into organizations and cause chaos that can result in extreme financial loss. For this reason, Risk-based Vulnerability Management (RBVM) has been designated by Gartner as 2021’s second most important security project.
But even though true Risk-based Vulnerability Management is important, you can’t achieve it without proper vulnerability intelligence. But what is “proper” vulnerability intelligence? Does that imply that there is such a thing as “bad” data? To put it simply, the answer is yes. However, it is important to know know the elements of Vulnerability Intelligence to understand how it may be affecting your organization.