SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Nucleus Security teams up with Mandiant to enhance vulnerability management programs with threat intelligence
Wed, 2nd Feb 2022
FYI, this story is more than a year old

Nucleus Security, a unified vulnerability management and process automation company, has announced it has entered into a strategic partnership with cyber defence and response company Mandiant.

Through this agreement, Nucleus customers now have access to Mandiant Advantage Vulnerability Intelligence real-time, industry-leading threat insight and analysis powered by Mandiant's frontline incident responders, intelligence analysts and researchers at no additional cost.

"We spent the last year performing a deep dive into the vulnerability intelligence offerings of the leading threat intelligence providers and studying how their data could be useful in the context of vulnerability management," says Nucleus Security chief executive officer, Steve Carter.

"We chose to partner with Mandiant because they were most aligned with our vision of operationalising vulnerability intelligence and transforming enterprise vulnerability management as we know it," he says.

According to Nucleus Security, practitioners can accelerate the vulnerability prioritisation and triage process using automation at scale by integrating the aggregation, analytics, and vulnerability management orchestration capabilities already provided within Nucleus with Mandiant Advantage Vulnerability Intelligence.

Nucleus combines all the asset information and vulnerability data from scanning tools with threat intelligence information into a single platform, empowering vulnerability teams to eliminate laborious manual data analysis, accelerate decision-making and prioritisation, and remove major pain points as they mature their vulnerability management programs.

"Mandiant is committed to arming organisations with the expertise, intelligence and solutions needed to increase security effectiveness and reduce business risk," says Mandiant senior vice president, Mandiant Advantage Products, Mike Armistead.

"Strategic partnerships with companies like Nucleus further our ability to help organisations of all sizes confidently accelerate security and risk decision-making," he says.

"As we change the game in cybersecurity, we're pleased to use our unparalleled insight into the threats that matter most to help Nucleus Security customers prioritise vulnerabilities."

Nucleus is a vulnerability and risk management solution that automates vulnerability management processes and workflows, enabling organisations to mitigate vulnerabilities ten times faster, using a fraction of the resources it takes to perform these tasks.

Supporting nearly 100 integrations, Nucleus unifies the existing tools in a security stack, from asset inventory tools to vulnerability scanners across the entire technology stack, and now to integrated threat intelligence, creating a centralised hub to control the chaos of vulnerability prioritisation, analysis, triage, and remediation.

Last year, Mandiant, together with Microsoft, identified a new wave of intrusion activity from the threat actor behind the SolarWinds supply chain attacks.

The Russian nation-state actor Nobelium is the same actor behind the cyberattacks targeting SolarWinds customers in 2020. The U.S. government and others have been identified as part of Russia's foreign intelligence service known as the SVR.

At the time, Mandiant said that while the SolarWinds supply chain attack involved malicious code inserted in legitimate software, most of this recent intrusion activity has involved leveraging stolen identities and the networks of technology solutions, services, and reseller companies in North America and Europe to ultimately access the environments of organisations that are targeted by the Russian government.