What is Vulnerability Research?
August 26, 2021 • RBS
Vulnerability research is the process of investigating disclosed vulnerabilities and determining whether any of them affect your organization’s systems.
As you monitor your vulnerability sources, you must research the vulnerabilities that appear. Do any of them affect your organization’s systems? Does a vulnerability affect a vendor in your supply chain, or a product your organization uses? If it does, what versions are susceptible to that vulnerability? Is an exploit available? Can you install a patch or upgrade to remediate it?
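The questions in the paragraph above (does the vulnerability hit a product we run, which versions, is an exploit public, is a fix available) amount to a triage loop an analyst repeats for every new advisory. The script below is an added illustration of that loop and is not RBS code; the advisory identifiers, vendors, products, versions and asset names are constructed, and it assumes each advisory gives an affected-version range as an inclusive "introduced" version and an exclusive "fixed" version.

```python
"""Match constructed vulnerability advisories against a constructed asset
inventory and rank the results the way an analyst would prioritise them.

Added example; advisory ids, products, versions and hosts are made up.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Advisory:
    adv_id: str
    vendor: str
    product: str
    introduced: str          # first affected version (inclusive)
    fixed: Optional[str]     # first fixed version (exclusive); None = no fix yet
    exploit_public: bool
    cvss: float


@dataclass(frozen=True)
class Asset:
    host: str
    vendor: str
    product: str
    version: str


@dataclass(frozen=True)
class Finding:
    host: str
    adv_id: str
    version: str
    exploit_public: bool
    patch_available: bool
    cvss: float
    action: str


def _parse(version: str) -> List[int]:
    # "2.4.10" -> [2, 4, 10]; non-numeric fragments such as "rc1" count as 0.
    parts = []
    for piece in version.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return parts


def version_in_range(version: str, introduced: str, fixed: Optional[str]) -> bool:
    """True when introduced <= version < fixed (no fixed version = still affected)."""
    candidates = [version, introduced] + ([fixed] if fixed is not None else [])
    width = max(len(_parse(v)) for v in candidates)

    def key(v: str) -> tuple:
        parts = _parse(v)
        return tuple(parts + [0] * (width - len(parts)))   # pad so "2.4" == "2.4.0"

    if key(version) < key(introduced):
        return False
    return fixed is None or key(version) < key(fixed)


def triage(assets: List[Asset], advisories: List[Advisory]) -> List[Finding]:
    """Return one Finding per (asset, advisory) pair where the asset is affected."""
    findings = []
    for asset in assets:
        for adv in advisories:
            same_product = (asset.vendor.lower(), asset.product.lower()) == \
                           (adv.vendor.lower(), adv.product.lower())
            if not same_product or not version_in_range(asset.version, adv.introduced, adv.fixed):
                continue
            patch = adv.fixed is not None
            if adv.exploit_public and not patch:
                action = "mitigate now: public exploit and no vendor fix"
            elif adv.exploit_public:
                action = f"patch now: upgrade to {adv.fixed}"
            elif patch:
                action = f"schedule upgrade to {adv.fixed}"
            else:
                action = "track: no public exploit and no fix yet"
            findings.append(Finding(asset.host, adv.adv_id, asset.version,
                                    adv.exploit_public, patch, adv.cvss, action))
    # Most urgent first: public exploit, then missing patch, then CVSS score.
    findings.sort(key=lambda f: (not f.exploit_public, f.patch_available, -f.cvss))
    return findings


# Constructed sample data (hypothetical vendors, products and advisory ids).
ADVISORIES = [
    Advisory("VULN-EXAMPLE-001", "ExampleCorp", "WebGateway", "2.0", "2.4.11", True, 9.8),
    Advisory("VULN-EXAMPLE-002", "ExampleCorp", "WebGateway", "2.4", None, False, 6.5),
    Advisory("VULN-EXAMPLE-003", "OtherVendor", "DBEngine", "11.0", "11.2", False, 7.5),
]
ASSETS = [
    Asset("web-01", "ExampleCorp", "WebGateway", "2.4.10"),
    Asset("web-02", "ExampleCorp", "WebGateway", "2.4.11"),
    Asset("db-01", "OtherVendor", "DBEngine", "11.3"),
    Asset("db-02", "OtherVendor", "DBEngine", "11.1"),
]

if __name__ == "__main__":
    for f in triage(ASSETS, ADVISORIES):
        print(f"{f.host:8} {f.adv_id:18} v{f.version:8} CVSS {f.cvss:<4} {f.action}")
```

With the sample data, web-01 on 2.4.10 is the only host with a public exploit against it and lands at the top; web-02 on 2.4.11 escapes the fixed advisory but still carries the unpatched one; db-01 on 11.3 is clean. The ranking only works if the advisory data is accurate and complete, which is the dependence on researchers and VI providers the article goes on to describe.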
However, this stage of vulnerability intelligence (VI) is not so simple: vulnerability research can have different meanings and occur at different times depending on the role of the person performing it. The roles that can influence this are:
- Vulnerability researchers
- Vulnerability intelligence companies
- Security analysts at organizations
Vulnerability Research is Essential
For a vulnerability researcher, this stage is the initial examination and investigation of a piece of computer software or hardware for bugs that may grant privileges that were not intended.
But for a vulnerability intelligence company like us, the term means actually going through publicly disclosed vulnerabilities to determine if they are legitimate issues, aggregating that data, and then normalizing it for consumption.
Organizations face a unique problem during vulnerability research. For an analyst, the term may mean researching whether disclosed vulnerabilities impact the organization’s assets and what risk they pose. This means that your vulnerability research function depends heavily on the comprehensiveness of what researchers and VI companies do.
Vulnerability Intelligence is a specific form of threat intelligence focused on the aggregation or dissemination of information about computer vulnerabilities that may put organizations at risk.
The definition of VI dictates that companies should be doing more than just aggregating data. They are also responsible for determining whether issues are legitimate and enhancing that data with rich metadata. But if you think back to the last vulnerability you researched, how detailed was it?