All of my friends (and my bathroom scale, honestly) will tell you that I love tortillas.  Not just any tortillas, however…they have to be homemade.  I make sure we have homemade tortillas every week and keep them in the fridge.  They are better than anything you can buy in a store, and they are simply amazing when they are hot off the comal.  My kids know this; when they see the comal on the stove, they make a point of hanging around the kitchen to snag one (often a few!) while they are fresh because they understand that freshness is everything for tortillas.

It turns out the same is true for vulnerability intelligence!

In just the first 6 months of 2024, we’ve seen over 2,000 remotely exploitable, no-authentication-necessary CVEs be published.  These are the kinds of vulnerabilities that are exploited on the Internet - via APTs and criminals or botnets driving mass exploitation - every minute of every day.  This is a huge amount to deal with, and what we’ve seen this year is that they are occurring more frequently on edge devices that don’t have many mitigating controls to protect them.  When these things happen, it forces security teams to drop what they are doing and scramble for a fix.

There are many existing vulnerability prioritization solutions that can help by including information like “Known Exploits Available” or “In the Wild”. The issue is that these attributes quickly become stale.  Technically, a snippet of proof-of-concept code is an available exploit, but it isn’t the same as a mass exploitation attack by a criminal organization.  A hard-to-exploit race condition that requires a lot of time and effort might be “In the Wild”, but that doesn’t require the same urgency to fix as something an actor is actively exploiting today.  In many ways, these attributes (in addition to CVSS Base Scores, Vendor bulletins, etc) are like stale tortillas - edible but ultimately unsatisfying.

At GreyNoise we believe that security teams deserve actionable information that is fresh enough to know what attackers are doing right now, so that they can respond with the speed and urgency required.  Consequently, today we’re launching GreyNoise for Vulnerability Prioritization to give our customers exactly that.

Here’s how it works:

We run a global network of thousands of sensors that emulate the types of assets enterprises have exposed to the Internet:  web servers, network gear, etc.  We see when attackers and bots start probing them, and we collect the data as they are attacked in real-time.  We compare this against known bad behaviors and known IPs; our ML models are even capable of alerting us to unknown but suspicious or malicious activities that are the hallmarks of novel exploits. This is all unique, primary data that we collect rather than simply aggregating from third-party sources.  In other words, we make fresh tortillas from scratch rather than just reselling ones we bought from a supermarket.

As we collect this information, we make it immediately available via our Visualizer for ad-hoc usage and through our API for inclusion in your existing automation.  We ensure that information is always fresh, so that you can get the most up-to-date intel for as long as you need until you fix the problem.

There are many good vulnerability prioritization tools out there, but we believe that only we can tell vulnerability teams which CVEs need attention now based on what attacks are actually happening today.  Because Vuln Intel is based on all the same data that powers GreyNoise, you’ll also be able to share what you know seamlessly with your SOC analysts and threat hunters.

We think you’ll enjoy having fresh and actionable information with Greynoise Vulnerability Prioritization.  You can visit our website to learn more or schedule time to talk with us directly. 

I know you’ll also love having fresh and delicious tortillas, so please enjoy this recipe.  I look forward to hearing from you about both!

Flour Tortillas Recipe

Ingredients:

  • 4 parts all-purpose flour 
  • .1 part salt
  • 1 parts lard (or shortening, but lard is the best)
  • 2 parts water - hot water for thin and chewy tortillas, cold water for thick and fluffy

For example, I find 300gm (4 x 75gm)  flour + 75gm lard (1 x 75gm) + 8gm salt (.1 x 75gm) mixed with 150gm (2 x 75gm) hot water makes 8 burrito-sized or 12 fajita-sized tortillas.

Instructions:

  • Place flour, salt, and lard in a bowl.  Add in water; if using hot water, give it 30 seconds to melt the lard.
  • Knead for 1 minute - it should be tacky but not so sticky it won't easily come off your fingers; you can add a little flour if needed.
  • Let stand covered for 30 minutes.
  • Heat a cast iron griddle (a skillet works too) on med-high for 5 minutes (i.e. at the 25-minute mark)
  • Divide the dough into golf ball-sized portions.
  • Using a rolling pin, roll one into 6-9 inch diameter rounds.
  • Cook 30 seconds on one side - you'll see bubbles form on the top when it is time to flip.  Now is a great time to roll the next round while it cooks.
  • Flip and cook for another 15-30 seconds; I like longer to get a few charred spots.
  • Stack on a plate and cover with a towel.

Eat them soon — they will be unbelievably good for 60 minutes, very good the rest of the day, and better than anything you can buy in the store for at least a week if you keep them in the fridge. 

This article is a summary of the full, in-depth version on the GreyNoise Labs blog.
Read the full report
GreyNoise Labs logo
Link to GreyNoise Twitter account
Link to GreyNoise Twitter account