
The NSA ❤️ Risk-Based Vulnerability Management

Oct 22, 2020
Jerry Gamblin


Growing up I loved the Spy vs. Spy comic in MAD Magazine, where one spy always tried to get an advantage over the other. One tactic neither spy used, though, was publishing a list of the attacks the other spy was likely to try, which is why I was both bemused and amused when the NSA published an in-depth list of the vulnerabilities that Chinese state hackers are using (PDF).

Right away, JCran, Kenna’s Head of Research, and I spent a few hours digging through the vulnerabilities listed in the PDF looking for what super l33t haxor zero days the Chinese MSS were using. It quickly became apparent that we were not going to get that information from this release. Instead, the NSA’s list of vulnerabilities goes to the heart of what Kenna talks about when we talk about implementing a risk-based vulnerability management (RBVM) program. 

With rare exceptions, every vulnerability on this list shares the following points:

A public exploit is available. This means that most skilled hackers can fire up their favorite dark web browser and find code to exploit the vulnerability freely on the internet.

The exploit allows remote code execution. These hackers aren’t interested in destructive or denial of service attacks. They are looking to gain control or run their own code on these devices—to take over the equipment. 

The attack is internet-based. This simply means that the target is freely reachable on the internet and can be attacked by anyone, at any time, from anywhere in the world.

There is a patch available. This is probably the most important point: the vulnerabilities that are being exploited have already had a public patch available from the software vendor. 
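To show how these four traits translate into a triage rule, here is an added Python example; it is not Kenna's code or scoring model. It runs over a constructed inventory of findings, and the field names, tier names and thresholds are assumptions chosen for illustration. A finding that has all four traits matches the profile of the NSA list exactly (exploitable from the internet today, and fixable today), so it goes first; a finding with the first three traits but no vendor patch is routed to mitigation rather than patching.

```python
"""Triage a vulnerability inventory on the four traits the post lists.

Added example, not Kenna's code or scoring model. Field names, tier
thresholds and the sample records below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    vuln_id: str            # constructed placeholder, not a real CVE id
    asset: str
    public_exploit: bool    # exploit code is freely available
    rce: bool               # impact is remote code execution
    internet_facing: bool   # the asset is reachable from the internet
    patch_available: bool   # the vendor has shipped a fix


# The four traits the post says nearly every listed vulnerability shares.
TRAITS = ("public_exploit", "rce", "internet_facing", "patch_available")


def trait_count(f: Finding) -> int:
    """How many of the four traits a finding has (0..4)."""
    return sum(getattr(f, t) for t in TRAITS)


def tier(f: Finding) -> str:
    """Map the four traits onto a remediation tier (tier names are assumed).

    patch-now:    exploit public, RCE, internet-facing, patch exists.
    mitigate-now: same exposure, but no patch yet, so reduce exposure instead.
    high:         exploit public and internet-facing, but not RCE.
    backlog:      everything else, including unexposed internal hosts.
    """
    if f.public_exploit and f.rce and f.internet_facing:
        return "patch-now" if f.patch_available else "mitigate-now"
    if f.public_exploit and f.internet_facing:
        return "high"
    return "backlog"


def prioritize(findings):
    """Return findings ordered most urgent first; ties break on trait count."""
    order = {"patch-now": 0, "mitigate-now": 1, "high": 2, "backlog": 3}
    return sorted(findings,
                  key=lambda f: (order[tier(f)], -trait_count(f), f.vuln_id))


# Constructed sample inventory (not real findings).
SAMPLE = [
    Finding("VULN-A", "vpn-gateway", True, True, True, True),
    Finding("VULN-B", "web-01", True, True, True, False),
    Finding("VULN-C", "intranet-db", True, True, False, True),
    Finding("VULN-D", "mail-edge", True, False, True, True),
    Finding("VULN-E", "laptop-07", False, False, False, True),
]


if __name__ == "__main__":
    for f in prioritize(SAMPLE):
        print(f"{tier(f):<13} {f.vuln_id:<8} {f.asset}")
```

Note that the internal database host (VULN-C) has three of the four traits but still lands in the backlog: without internet exposure it does not fit the profile of the vulnerabilities in the list, which is the point the post is making about what actually gets exploited.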

While this was just a quick 10,000-foot view of these vulnerabilities, a great place to learn more about RBVM is the Prioritization to Prediction research report series that we publish with Cyentia Institute, or the open source EPSS framework that we contribute to. 

And if you’re curious about your own Spy vs. Spy list of the Top 25 most likely vulnerabilities to be exploited on your own network, request a custom demo of Kenna’s modern vulnerability management solutions. You’ll get your own report in less than an hour. (Of course, whether you publish them publicly is up to you, though we don’t recommend it.) 

© 2020 Kenna Security. All Rights Reserved. Privacy Policy.