Threat Landscape

Threat Landscape allows you to properly prioritize vulnerability remediation, with the right mix of relevant data and analysis. It uses threat intelligence combined with machine learning to accurately identify those vulnerabilities that have the highest risk of exposure to proven threats (based on exploits observed in the wild rather than severity alone). By focusing your team’s efforts on vulnerabilities that carry the highest risk, your team can prioritize and remediate more effectively.

Threat Landscape uses proprietary threat intelligence models; threat intelligence feeds are aggregated and processed daily to correlate reported incidents with vulnerability exploitation. This data feeds into machine learning models that combine common vulnerability metrics such as CVSS, CWE, and CPE with vulnerability exploitation data. The result is an enriched data set to determine the likelihood of exploitability for each vulnerability, and the likelihood of weaponization of each exploit in the wild.

Now Fortra VM will help you focus remediation efforts on vulnerabilities which are weaponized, have proven exploits, or are likely to be exploited through threat intelligence features provided through Threat Landscape. You can set personalized risk thresholds according to your organizations priorities.

Threat Rank™

Threat Intelligence has become a vital part of security products including Vulnerability Management. Now you can leverage threat intelligence to classify which vulnerabilities are most likely to be exploited to prioritize your remediation efforts to the vulnerabilities that create the largest amount of risk for your organization, instead of attempting to patch all of them regardless of how likely they are to be exploited in an attack.

Threat Rank is a score, on a 0-100 scale, assigned to a vulnerability to rank it on its likelihood of exploitation in the wild. The purpose is to identify how likely the vulnerability is to be targeted if a malicious actor targets your organization OR how likely is an exploit for the vulnerability to be included in untargeted attack campaigns such as adware or phishing / whaling. This score ranks the possibility of exploitation inside your network by identifying upcoming attack vectors yet to be realized in the wild. You can stay ahead of attacker-weaponized vulnerabilities by resolving those most likely to be exploited with aggregated threat intelligence using these models with daily Threat Rank updates within Fortra VM.

Threat Rank scores are visible to all clients with a Fortra VM scanning service including, Fortra Vulnerability Manager and Active Threat Sweep. This feature reveals enhanced threat indicators to describe the correlation, volume, and recentness. The Threat Rank identifier can be utilized through filters, sorting orders, graphs, tables, notifications, and reports within Fortra VM, one-for-one to their Severity Rating counterparts.

Active Risk™

Active Risk uses system or configurable risk profiles combining vulnerability severity, Threat Rank, asset exposure, and asset criticality to create and rate your organization’s risk appetite. Empower your security operations center to analyze and report on trends and metrics for every asset and vulnerability in your Threat Landscape, and demonstrate targeted, measurable progress in securing your environment.

Use the Threat Landscape button on the Dashboard, in Active View, and in Scan Results to view your security posture via Threat Rank.

Engaging this Threat Landscape toggle changes the displayed data from the classic Rating and Severity (inclusive of Critical, High, Medium, Low, Trivial and Info) to Threat Rank focused data sets. See more in Threat Landscape™

Active Risk provides:

  • Configurable risk profiles to define risk thresholds unique to your organization’s needs
  • Functionality to unify risk vectors to generate multidimensional risk exposure
  • Suite of related graphs, reports and filters

You can leverage threat intelligence to classify which vulnerabilities are most likely to be exploited to prioritize your remediation efforts to the vulnerabilities that create the largest amount of risk for your organization, instead of attempting to patch all regardless of how likely they are to be exploited in an attack.