Finite State, a security leader for connected devices, launched its exploit intelligence capability, enabling security professionals to incorporate threat-based intelligence into product security prioritization.
As the threat landscape grows, it becomes harder for device manufacturers to know which vulnerabilities to prioritize. Meanwhile, hackers grow more sophisticated and continue publishing exploit kits – collections of exploits that less sophisticated threat actors can deploy autonomously.
According to cvedetails.com, more than 11 percent of almost 173,000 vulnerabilities in the National Vulnerability Database (NVD), are considered Critical (9.0-10.0 CVSS score). This translates to more than 19,000 Critical vulnerabilities – no security team could be expected to remediate all of them.
Finite State’s Exploit Intelligence capability helps level the playing field by monitoring thousands of industrial control systems (ICS) and operational technology (OT) advisories to surface vulnerabilities that threat actors are exploiting.
Users of the Exploit Intelligence platform can:
- Access profiles on threat actors
- Review a timeline of exploitation
- See the correlation between threat actors and specific common vulnerabilities and exposures (CVEs).
Leveraging this intelligence, users can prioritize remediation of the 19,000-plus critical vulnerabilities and minimize risk.
The Finite State platform offers a comprehensive view of device components, security issues and supply chain risk. By adding exploit intelligence capability, Finite State enables security teams to improve their visibility into device software and to automate protection for their products. Learn more about the platform at www.finitestate.io.
