VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure
VulnCheck launched IP Intelligence, a new feature set designed to provide real-time tracking of attacker infrastructure and vulnerable IP’s on the internet.
VulnCheck IP Intelligence compiles data from popular Internet-Connected Device (ICD) datasets and cross-references it against VulnCheck exploit and vulnerability intelligence information to generate unique threat intelligence insights around ICDs and attacker command and control (C2) infrastructure.
“Attack surface management and the openness of the internet is the biggest security challenge businesses face today,” said Jacob Baines, CTO, VulnCheck. “Our new IP Intelligence features aim to address that issue, delivering new intel that enables teams to identify and take action against high-risk, potentially vulnerable targets on the public internet.”
With IP Intelligence, defenders access a downloadable and searchable dataset that identifies vulnerable internet-connected infrastructure indexed across CVEs, C2, Web-shells, and open directories.
VulnCheck’s IP Intelligence allows security teams to generate a dynamic list of internet protocol (IP) addresses that can be used in the external block list feature found in many of today’s Next Generation Firewall (NGFW) products. By combining NGFWs with VulnCheck’s new intelligence features, security teams can block VulnCheck-discovered C2 infrastructure automatically and in real-time, without manual updates.
VulnCheck’s IP Intelligence integrates seamlessly out of the box with NGFWs from Palo Alto Networks, Cisco, Fortinet and Check Point, and is generally available in VulnCheck’s Initial Access Intelligence solution.