Vulnerability intelligence: Prioritize threats
Vulnerability intelligence involves understanding vulnerabilities in order to build appropriate defense layers.
Once the vulnerability has been identified, the real question is: "So what now? How do we tackle this?"
Mobile vulnerability monitoring enables us to map the components targeted, by ROM, mobile and operator. In-depth vulnerability analysis then informs us on the reality of the threat: it's not enough to understand how a vulnerability works, and how it's triggered, to determine whether a system is vulnerable. There's nothing obvious about that. We need to replay a one-day exploit or an attack to check whether defenses are effective or not, in an appropriate context.
Study of known vulnerabilities provides many useful results:
- Detailed analysis of vulnerabilities, detection and remediation
- Effective exploits to test vulnerability
- Review of known attacks in different contexts, to gauge actual risk
- Side-channel attacks (software and hardware)
- Exploit source code
- Analysis of real threats in a given context, concerning a targeted vulnerability