SAFELY ENABLING BUSINESS
Global Threat
Monitoring
New vulnerabilities are detected every day.
Vulnerabilities that can be leveraged by external or internal hackers to
gain access over systems and information.
The importance of monitoring this global threat is also covered in the
PCI-DSS requirements:
PCI-DSS requirement 6.2.b states:
“Verify that processes to identify new security vulnerabilities include using
outside sources for security vulnerability information.”
There are several challenges with
monitoring the global vulnerability threat:
• There is a lot of vulnerability information released every day
• There are many different sources for vulnerability information
• A lot of important security information are not published as vulnerabilities
Many existing vulnerabilities remain
open, primarily because security
patches that have long been available
were never implemented.
In fact, many of the vulnerabilities
are traced to 2007 – a gap of almost
eight years.
About half of the CVEs exploited in
2014 went from publish to pwn in
less than a month.
Verizon 2015 Data Breach
Investigations Report
SecureLink Global Threat Monitoring is a service that constantly monitors the
threats on the Internet and deliver customized updates to customers about the
threats relevant for their specifc environment.
© SecureLink
www.securelink.net
SecureLink is the market leading
provider of cyber security in Europe.
SAFELY ENABLING BUSINESS
Global Threat
Monitoring
99.9% of the exploited vulnerabilities were compromised
more than a year after the CVE was published.
Verizon 2015 Data Breach
Investigations Repor
SERVICE OVERVIEW
SecureLink uses a number of sources to gather information on a daily basis.
The public sources that SecureLink use include (but are not limited to):
•
•
•
•
•
•
•
•
National Vulnerability SecureLink • Exploit DB
Packetstorm
Microsoft
HP Zero Day Initiative • CVEDetails
EU Cert
InfoSecurity
CERT SE
Seclists
SecureLink also does extensive manual research and correlation based on the information about the customer environment to deliver security updates regarding vulnerabilities not yet published.
Any vulnerabilities rated as critical by SecureLink will be dispatched from GTM.
These notifcations are called special notices and will be sent to all subscribers of the service. The vulnerability known as
Heartbleed is a good example of a special notice.
SERVICE DELIVERABLES
A subscriber will be notified daily (365 days per year) via e-mail if there is a match for any of his or her subscriptions. No
e-mail will be sent to a subscriber if there is no match.
SecureLink does not follow up on the information after it is delivered, and it is up to the customer to notify SecureLink if
further assistance is required.
© SecureLink
www.securelink.net
SecureLink is the market leading
provider of cyber security infrastructure
and managed security services in Europe.