Need to keep up with the latest vulnerabilities and threats but don’t have the time to read all of your security feeds? We can help.
Fifteen thousand vulnerabilities were discovered in 2018, the number of exploits doubled, and more than four security articles were published every minute. Keeping up with all of these trends can be time-consuming and overwhelming.
This is an issue that we are very passionate about and that we have researched with two of the largest security teams in Silicon Valley.
Today, we’re excited to announce a new Leo ability called Security Threats.
We taught Leo to read security articles and find or rate the severity of the software vulnerabilities mentioned so that he can help you focus your attention on the most critical threats in your feed first.
Here is a demonstration!
Let’s take a look at how you can train your Lion to prioritize articles that mention critical vulnerabilities related to Microsoft, WordPress, or Docker.
Cut the noise
Leo continuously reads your feeds and selects the most critical vulnerabilities in the priority tab.
For example, you might have a cybersecurity feed linked to niche security experts, vulnerability databases, keyword alerts, etc. with thousands of new articles per month.
You can train Leo to read those 1,000+ articles and prioritize the 30 or so that refer to high severity threats (CVSS> 8) and related to vendors you care about (Microsoft, WordPress, Docker in the example above).
You are in control
Leo is not a dull recommendation engine. Instead, Leo has a number of skills that give you control over defining what information is important to you.
The new Security Threat ability allows Leo to read an article, search for CVE, CVSS and exploit information from multiple open source databases and determine how critical a vulnerability is.
The new Security Threat skill also includes a sophisticated machine learning model that allows Leo to assess the severity of a threat based on the vocabulary used to describe the software’s vulnerability. This is especially useful for zero-day vulnerabilities that may not have a CVE or CVSS.
Training Leo to prioritize vulnerabilities is very simple.
The first level of the model captures the severity threshold. High means CVSS> 8 or CVSS> 5 but with an exploit.
The second level of the model acquires the list of suppliers.
Control and transparency are the fundamental principles of Leo design.
All Leo priority items have a green priority indicator. Clicking that indicator gives you an explanation of why the item has been prioritized and the opportunity to refine, pause, or remove that priority.
When an article is related to a CVE, you can also click on that CVE to get more information about the vulnerability: description, CVSS score, exploit, patch, etc.
Continuously learn and become smarter
Leo learns from his mistakes. When a recommendation is wrong, you can use the “Less like this” down arrow button to correct Leo.
You can let Leo know that he has misclassified a vulnerability, miscalculated severity, or misidentified a vendor.
Leo learns from your feedback and continually gets smarter.
Simplify your open source intelligence
We’re thrilled to see many security teams downgrade their feeds and dig deeper into the vulnerabilities that matter to them. Sign up today and find out what Feedly for cyber security can do for you!
If you are interested in learning more about Leo’s roadmap, you can join the Feedly Community Slack. 2020 will be an exciting year with new skills and bold experiments!