New Leo CVE Skill – Vendor Advisory Integrations
“Hi folks, this is Remi from Feedly. I wanted to share with you the latest updates on the Leo cybersecurity skills, which has to do with vendor advisory integration. Very exciting one.
The premise for this is that we’ve heard from a lot of our customers that connecting Leo’s knowledge graph directly to vendor advisory sites would be highly beneficial to get updates on CVEs faster, basically immediately as they get published on those vendor sites.
So we built it as you can see, we started integration with the most prominent vendor sites, as you can see here. So we’ve got our Microsoft, Oracle, Cisco if you have any vendor of choice that is not in this list, please let us know because we’re continuously adding more vendor sites to to the knowledge graph. Your feedback is important and will be taken into consideration.
To show you what that looks like, if you take a look at your Today page and your CVE dashboard and your trending vulnerabilities on the right hand side, you can zoom in to this latest vulnerability for Microsoft from a couple of days ago. Click on the CVSS score, which just normally just opens up the NVD page for that vulnerability, you can see that at the NVD level, this is still under undergoing analysis. And there isn’t much detail about it yet on the Phoebe side of things.
Thanks to Leo, you still have all of the elements that appear over here, as well as your usual reference articles and all the chatter around that particular CVE. This is because Leo is picking up that information directly from the Microsoft site and makes all of these updates again, almost in real time. So the outcome of this is that you can really be aware of what’s happening around these critical vulnerabilities sooner without having to go individually to all these other sites and looking up IDs.”
Which vendor advisories does Leo integrate with already?
Tenable, Mozilla, Google Android, Microsoft MSRC, Cisa, Google Chrome, F5, Cisco, Apple, Redhat, zdi, CERT/CC, Oracle, Rapid7, Palo Alto Networks, Dell, Adobe, Apache, Checkpoint, IBM, Siemens, Juniper, Jenkins, OpenVPN AS, Apache Tomcat, ElasticSearch, Google Cloud, NGINX, Haproxy, SAP, CNA vendors NVD, ISC, Netapp, Atlassian
I don’t see a vendor advisory I need on this list – can you add it?
Yes! Contact your Customer Success Manager and we are happy to connect additional vendor advisories for you.