Press Releases

RiskIQ Enhances Its Market-Leading Illuminate Internet Intelligence Platform with Next-Gen Vulnerability Intelligence to Identify and Prioritize CVEs in Real-time

San Francisco, CA, August 12, 2021 RiskIQ, a leader in internet security intelligence, today unveiled Illuminate Vulnerability Intelligence, the latest enhancement to its Illuminate Intelligence Platform.

Staying ahead of early-stage vulnerabilities is now mission-critical for security teams. Still, today's organizations struggle to maintain visibility into their external network of internet-connected products, devices, services, and apps that are swelling outside their firewalls to support an evolving workforce. With over 18,000 vulnerabilities published in 2020 and several of the most impactful breaches in history hammering organizations across the world in 2021, prioritizing this deluge of vulnerabilities has become an overwhelming challenge.

RiskIQ's Illuminate Vulnerability Intelligence is a native feature within the Illuminate Platform, adding exceptional value by directly integrating next-generation CVE insights and mitigation strategies at no extra cost or license to Illuminate customers. This infusion of RiskIQ intelligence goes beyond CVSS scores, adding knowledge of an organization's unique attack surface to provide accurate prioritization for assets most likely to be targeted.

RiskIQ Illuminate Vulnerability Intelligence key capabilities include:

  • Prioritized CVEs based on the RiskIQ algorithm encompassing recent exploits, Deep and Dark Web chatter, and linkage to malware
  • Mitigation steps or resources to remediate your vulnerabilities
  • Mapping of CVEs to your attack surface to identify impacted assets
  • Identification of CVE alignment to your third party vendors
  • Vulnerability Articles with comprehensive information for over 200,000 CVEs

RiskIQ Illuminate Vulnerability Intelligence leverages RiskIQ’s Internet Intelligence Graph, which assembles, labels, and stores real-world observations and pre-computes the deep digital relationships that make up an organization's attack surface. This custom analysis and global attack surface intelligence fusion have already elevated 500 of the 211,000 CVEs in the Illuminate Platform's index from 'Medium' to 'High' priority.

"Illuminate was a game-changer for the industry because, for the first time, every organization could see their attack surface for what it really is," said Elias Manousos, CEO and co-founder of RiskIQ. "Real-time intelligence derived from thousands of real-world observations across the global attack surface gives security teams a consistent way to prioritize, analyze, and triage the new breed of pervasive, massive-scale threats."

Security intelligence enhanced with in-depth knowledge of the global attack surface is also critical to understanding the vulnerability posture of your organization's digital supply chain and third parties.

Many organizations that have been breached have identified the cause as their supply chain. RiskIQ Illuminate Vulnerability Intelligence automatically monitors frameworks, page contents, third-party components, and code to identify relevant vulnerabilities, including those for third-party attack surfaces, such as partners, suppliers, distributors, and peers. This all-encompassing view identifies and prioritizes CVEs in real-time—even those lying deep in the technology stack or across the digital supply chain, the culprits in SolarWinds, and many other infamous breaches.

RiskIQ Illuminate Vulnerability Intelligence unites security and risk teams across multiple disciplines with ease and simplicity, showing vulnerabilities and where they lie across an organization. Each group—threat analysts, vulnerability specialists, compliance officers, and more—can instantly identify vulnerabilities related to any product, vendor, device, service, or app on-demand.

"Next-gen vulnerability intelligence is the glue that connects all the teams across an organization," Manousos said. "The flow of vulnerability intelligence gets vuln and intel teams speaking the same language and enables them to correlate one another's information quickly."

Built-in, risk-based prioritization informs how likely each vulnerability is to be exploited, resulting in accelerated remediation, dramatically reduced downtime, and less wasted effort. With mature organizations spending dozens of hours each week gathering intelligence to correlate with vulnerability severity to identify active risks and map them to their attack surface, this context and automation save precious time and money identifying and remediating threats.

Security professionals can contact RiskIQ to learn more and schedule a demo of RiskIQ's Illuminate Internet Intelligence Platform with Next-Gen Vulnerability Intelligence.

About RiskIQ

RiskIQ is a leader in internet security intelligence, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization's digital presence. With more than 75% of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by security teams, CISO's, and more than 100,000 security analysts, RiskIQ's platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, NationalGrid Partners, and MassMutual Ventures.

© 2021 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.


Holly Hitchcock
Front Lines Media