Find the insights and best practices about Recon.
Trends
How to use the Trends page effectively to stay up-to-date with the latest vulnerability intelligence

This guide will walk you through how to effectively use the Trends page to stay up-to-date with the latest vulnerability intelligence. The Trends page allows you to review vulnerabilities by applying time period or data filters, so you can drill down into what matters most for your organisation.

 

Time period filters

You can easily filter data based on the timeframe you want to review. Select between last 24 hours, 48 hours, 7 days and 30 days

 

Data filters

Use our preset filters to review the latest intelligence across 8 key categories:

 

1. Trending in News and Social

A combined view of the top ranking CVEs mentioned across news and social media. We recommend then sorting the table by either the news or social mentions column to see the top CVEs in each category. Be default, CVEs are sorted by social media mentions.

 

2. Added to Cytidel Spotlight

Each week Cytidel’s CTI team add CVEs to their spotlight due to their severity, impact or novel nature. This option enables you to view CVEs recently added to the Spotlight.

 

3. Rising Risk Rating

View CVEs that have seen their Cytidel Risk Rating category increase due to new data for that CVE being discovered. You can find more info on Cytidel’s Risk Rating here.

 

4. Rising EPSS

View CVEs that have seen an increase in their Exploit Prediction Scoring System percentage.

 

5. CISA KEV

View any CVEs that were added to CISA KEV during the time period.

 

6. Potential Proof-of-Concept

View any CVEs that have a newly discovered POC or exploit during the time period.

 

7. Not Published to NVD

View CVEs that are either trending in news or social, or have a newly associated POC or exploit, but are not yet published to NVD.

 

8. Potential Public Exploit

View any CVEs that are a potential zero day or that have a potential exploitation in the wild.

 

Intelligence tags

 

1. This CVE has been added to CISA KEV.

2. This CVE has not been published to NVD.

3. This CVE has a potential public POC or exploit code identified.

4. This CVE has a known threat actor associated with it.

5. This CVE was released as part of Microsoft Patch Tuesday.

6. This CVE is a potential zero day or has a potential exploitation in the wild.

7. This CVE has been added to the Cytidel Spotlight.

 

 

Social and news mentions

  • Social mentions
    The total count of mentions we have identified across monitored social media.
  • News mentions
    The total count of mentions we have identified across monitored news and advisories outlets.
    Note: Clicking on the icon will open an overlay that shows the attributed news articles for that CVE, along with a link to view the article:


Risk rating

The Cytidel Risk Rating is our secret sauce. We evaluate both new and existing vulnerabilities based on factors like threat scores, trending vulnerabilities, exploitation evidence, and threat intelligence prominence.

Each CVE is then assigned one of the below categories, and dynamically updates in real-time as new intelligence emerges.

Significant risk and threat activity identified for this CVE. This CVE is likely tagged prominently in the news, has active exploits and multiple POCs.

 

High risk and threat activity identified for this CVE.

 

Elevated risk and threat activity identified for this CVE.

 

Moderate risk and threat activity identified for this CVE.

 

Low risk and threat activity identified for this CVE. This CVE likely has no associated exploits or POCs, and is likely to have very few mentions across news or social media.

Did this answer your question?