Project Velma - Threat Intelligence

Owned by Jonathan Bellard
Nov 02, 2023
2 min read

Introduction

We are delighted to introduce a pivotal enhancement to our platform's suite of features—the integration of Project Velma, a ground-breaking development in the realm of threat intelligence.

Key Features

  1. Real-Time Vulnerability Identification: Unlike traditional threat intelligence tools, Project Velma serves as your comprehensive view into the cyber landscape, pinpointing vulnerabilities that are currently being exploited in real-time.

  2. Actionable Insights: Move beyond simple detection and delve into actionable intelligence that deepens your understanding of the threats your organization faces.

  3. Proactive Threat Management: With Project Velma, you are not merely reacting to threats; you are anticipating them. Empower yourself to make well-informed decisions on which vulnerabilities to prioritise for remediation.

  4. Automated CVE Watchlist: As a valued platform partner, you have the option to enable Velma to automatically populate your CVE watchlists with those exploits that are actively being exploited. To activate this feature, simply navigate to the 'Tenant Overview' and 'Threat Intelligence' menu.

How to Utilise Velma

  1. Access the Velma intelligence screen via the Generic Database side menu.

  2. View the last two weeks of intelligence gathered by Velma regarding CVE activity.

  1. Click on each line item, sorted by severity and latest article hit date, to see a trending graph of Velma's tracking for that CVE and its progression through different severity levels:

    • Informational: Initial monitoring stage with no exploits detected.

    • Low: Recognised by multiple sources but not exploitable.

    • Medium: Known exploit with limited mentions.

    • High: Multiple sources identify a known exploit.

    • Critical: Widespread recognition of a known exploit by a majority of sources.

  2. Use the Watchlist Settings button to instruct Velma to automatically promote CVEs to the active exploit watchlist based on their severity, with a default 30-day period.

  1. Manually add issues to the watchlist by selecting the ... button next to each line item, where you can set a CVE for longer than the default 30 days and edit the content.

Conclusion

By integrating Project Velma into your cybersecurity strategy, you are equipping yourself with the tools needed to take control, anticipate threats, and safeguard what is most important to your organization—all from within our platform. Transform your approach to cybersecurity and step into a new era of threat intelligence with Project Velma.