CEWL (CVE Early Warning List) is the list of CVEs that threat actors are currently using or are imminently about to use. With CVE threat intelligence, CTCI sees 10x more than any other threat intelligence company in the world, and our intelligence is timely, with many of our CVEs added on the day of the CVE release. We answer one of the most challenging questions: is this CVE something I should prioritize?
LiFT your security operations detections with the latest threat actor TTP rules. Use these detections to detect or stop these unwanted attacks on your organization.
We have Sigma, Yara, WAF rules, and various IOCs that can be leveraged in multiple security tools. These rules are optimized to reduce the compute needed in tools like Splunk, DEVO, Elasticsearch, and other SIEM tools.
As a business owner on the web, you are expected to investigate an IP address and verify whether or not it is safe to interact with your system. The problem is that most IOC threat feeds are full of false positives and don't provide historical context. LEGIT's purpose is to provide a historical timeline and search history that lists an IP address and its number of attacks.
Malicious history of IP addresses from 400+ lists over seven years, and it's free to use!
"When we received advanced notification of a vulnerability that threat actors were working on leveraging, we acted quickly and were able to remediate the vulnerabilities five days before the threat actors attempted to use this vulnerability. We would not have been able to do it without the advanced notification from CTCI."
We focus on this list because it reduces the need to read 1,000s of articles and helps us prioritize what we need to focus on.
Before CEWL we were overwhelmed, and we only focused on Critical alerts.
We had 2 weeks' notice for an on-premise Exchange vulnerability that was attempted later, and we were able to get in front of the attack before it happened.
CEWL allows us to focus on 1-2 CVE entries a day compared to 200-500 new vulnerabilities released daily, by prioritizing based upon facts instead of prediction.