Skip to main content
All CollectionsConnectorsThreat Intelligence
Integrating Threat Intelligence tools into the Vulcan platform
Integrating Threat Intelligence tools into the Vulcan platform
Updated over a year ago

Value

Why integrating Threat and Vulnerability Intelligence tools into the Vulcan platform? The power of two (or more).

Vulcan Cyber acknowledges the high reliability of Threat and Vulnerability Intelligence tools, such as Mandiant and Recorded Future, as well as the dependency of many Security Engineers and CISOs on such tools as their primary source of Cyber Intelligence. Therefore, Vulcan offers integration connectors to consolidate and aggregate the TI/VI data in the Vulcan Platform.

Integrating Threat and Vulnerability Intelligence tools into your Vulcan Platform significantly enriches the vulnerability data and adds another layer of intelligence to the CVE severity in your Vulcan Platform.

Scenario to consider

Let's assume you have a vulnerability on 20 external-facing assets identified as High by the integrated scanning tools but Critical by your trustworthy and reliable TI/VI tool. Without the organizational business context, you may need to remediate all of these assets immediately (the question is, do you have the resources and work capacity?). However, prioritizing remediation becomes clearer and containable if your business context is well set and configured in the Vulcan Platform.

Vulcan allows you to define your business context in its vulnerability management platform through various prioritization features and tools. Once defined, the ingested risk data from the integrations get refined and contextualized. This way, the Vulcan Platform reduces the noise around Critical and High vulnerabilities. It allows you to prioritize and allocate remediation resources efficiently and effectively based on the criticality and functionality of the affected assets in your organization. For example, by using the Business Groups feature, you can identify and prioritize remediation on assets that belong to high-impact business groups over lower-impact, Production Business Groups over non-Production ones, etc.

Read more about:

Benefits

What do you get as a CISO/Security Engineer?

  • Easily find Critical vulnerabilities identified by Threat Intelligence tools on high-impact assets and Business Groups that need fast remediation

  • Explore CVE analysis comprehensively and take action

  • Access aggregated and correlated CVE Threat Intelligence reports (TI cards)

Available TI Integrations

  • Mandiant

  • Recorded Future

  • CTCI

Threat Intelligence Sources and Logic

Did this answer your question?