Out of Stealth

February 21, 2019

We are out of Stealth - Woot! Woot!

The timing couldn't be better as it's a crazy world out there wrt threat actor activity

To put this in perspective, we added 52 entries to CEWL for the third quarter of Q3, and we reach 65 just for the month of June 2021 - that's 3x more attacks in one month. Threat actors are attacking companies like never before.  CEWL gives you insight into what threat actors are actively exploiting in the wild or about to exploit. Having this information allows you to be a lot more effective in stopping being compromised. You can use this list to determine what to be more effective in what to patch, what detections, mitigations, security products to buy, and what security features to turn on.  

CEWL is the best CVE Actionable Threat Intelligence product on this side of the galaxy.

Over the past year, we have been honing our threat intelligence, automating more analysis, going deeper and wider. We also went from API only to a portal.  Yeppers, even though people like to use the API, many people wanted to explore the list, do notifications on the list, create advanced filters, and the like.  

In checking how we did, we could easily check news articles with what was exploited in the wild and when we found it.  On average, we are some nine days early for targeted attacks.  We will be producing some blog entries of different reports on exploits in the wild and when we caught them.  A lot of times, when a CVE came out we can tell you whether it is really being exploited in the wild.  CEWL allows you to focus on the organization on what is most important, what threat actors are doing.  For organizations, that means you have a heads up and reduce the likelihood of being compromised.

Continually finding what threat actors are doing or about to do is one of the hardest problems in cybersecurity, and the good news year, we went from strength to strength.

We first started with an API to pull the CEWL list, and then clients asked if we could:

  • Have a portal for CEWL where we can filter and manipulate the list like in Excel?  Done - we have an Excel-like interface with charts, columns,  pivot tables.  You can even export to Excel.
  • Write complex filters if I need to? - Done - we give you the power of Python Pandas library with the simplicity of Google-like interface, yep keyword search.
  • Have different notifications for different teams within an organization? Done - you can have as many groups as departments or so within your organization.
  • Have two-way processing that we can check what we have processed? Done
  • Have two-way processing for our partners and supply chain to make sure they are improving their security posture? Done
  • Have different notification delivery for different notification groups? We support slack, teams, JIRA, webhooks, and email.  How do you like those apples :)
  • Have dark mode? We got ya back!
  • Have buttons to show the new entries by last day, week, month, and any value I want? Your wish is my command.
  • Have you support timezones for users, GMT is a little confusing for me?  I hear ya; you can have all the dates and times in your format to match your view of the world.
  • Have lots more requests have been implemented. Thank you to the peeps that have made this happen.

Big thanks to all the peeps that provided us with guidance to get there.  

Figure 1, "CEWL Features"

Why did it take so long?

Good things sometimes take longer than expected, especially when it comes to the quality of the CVE list. Also, we went down a little of a rabbit warren of just adding one more feature before release, 30 features later, oops. Development always takes 4x longer than you think it will take. We are happy with this version of the product, and there is even more cool stuff coming. We said it's time to help 1,000s of companies to have better security outcomes. Less time in Breaches, more time on Beaches. (Which if you saw me, you would say I haven't spent much time on the beach.  The idea is there, more time doing things you love. )


Get the world's best CVE threat intelligence and rocket the security maturity level of your organization. To start a trial, send an email to sales@ctci.ai with the subject, like "Trial" or let your creative side loose, such as: "CEWL is me to a Tee," "Hook me up with CEWL," "Let me loose on CEWL", "Threat Actors begone."

Knowing Is Half the Battle
get access now