Zero-Day Vulnerability Intelligence

Exclusive zero-day vulnerability intelligence and capabilities from recognized industry experts.

The most critical threats don't have a CVE. The only reliable way to test defenses is to go on the offensive. Exodus Intelligence provides a wide range of exploit code to support those tasked with conducting red team exercises. By integrating Exodus' intelligence, vendors and organizations are able to provide their customers and end users with proactive protection against threats they discover.

ZERO-DAY SUBSCRIPTION

Customers responsible for maintaining awareness of unknown threats to their enterprise networks are able to subscribe to the Exodus Intelligence Enterprise Zero-Day Feed. This offering gives the customer access to a minimum of 50 unique zero-day reports and corresponding exploit code for vulnerabilities discovered by the Exodus team throughout a one-year period. Typically, flaws included in such a subscription affect high-profile vendors such as Microsoft, Adobe, EMC, Novell, IBM, and others.

As part of a subscription to this offering, customers are also kept apprised of exclusive vulnerabilities and threats in Industrial Control Systems. Typically, the flaws included affect high-profile vendors such as Siemens, General Electric, Rockwell Automation, and others.

A given package delivered through any of the aforementioned subscriptions consists of an XML file with metadata for integration into third-party SIEM products, a detailed report on the vulnerability, network packet captures of malicious and benign traffic, and working exploit code in the form of a Metasploit module.

The written report itself is typically 15 to 30 pages in PDF form covering all aspects of the vulnerability, including:

  • Affected products, versions, supported architectures, and hashes of binary files
  • Target market share, common usage, and typical deployment configurations
  • Technical information on the vulnerable components and enumeration of attack vectors
  • Disassembly and/or source code walkthroughs showing the flaw in the code
  • Detailed information on attack vectors and corresponding malicious network traffic
  • Guidance on how to detect an attack in progress as well as artifacts left behind in the case of a successful compromise
  • An explanation of the complete exploitation process, including bypassing mitigations
  • Insight into the requirements, reliability, difficulty, and likelihood of an attacker successfully exploiting the issue
  • Guidance on reducing or eliminating susceptibility to the flaw in place of an official patch from the affected vendor

N-DAY SUBSCRIPTION

In addition to researching exclusive zero-day vulnerabilities, Exodus Intelligence also offers a feed of threats that have been publicly disclosed by outside organizations or the vendors themselves. These vulnerabilities are investigated, documented, and exploited for distribution to customers. Subscribers to this offering gain access to an arsenal of vetted, reliable exploits and corresponding documentation, enabling them to ensure their defensive measures have been implemented properly.

A given package delivered through any of the aforementioned subscriptions consists of an XML file with metadata for integration into third-party SIEM products, a detailed report on the vulnerability, network packet captures of malicious and benign traffic, and working exploit code in the form of a Metasploit module.


The written report itself is typically 15 to 30 pages in PDF form covering all aspects of the vulnerability, including:

  • Affected products, versions, supported architectures, and hashes of binary files
  • Target market share, common usage, and typical deployment configurations
  • Technical information on the vulnerable components and enumeration of attack vectors
  • Disassembly and/or source code walkthroughs showing the flaw in the code
  • Detailed information on attack vectors and corresponding malicious network traffic
  • Guidance on how to detect an attack in progress as well as artifacts left behind in the case of a successful compromise
  • An explanation of the complete exploitation process, including bypassing mitigations
  • Insight into the requirements, reliability, difficulty, and likelihood of an attacker successfully exploiting the issue
  • Guidance on reducing or eliminating susceptibility to the flaw in place of an official patch from the affected vendor

By integrating Exodus' intelligence, vendors and organizations are able to provide their customers and end users with proactive protection against discovered threats.

Unlike other threat intelligence providers that simply aggregate feeds of data from multiple sources, the Exodus team creates its own intelligence based on research and documentation of zero-day exploits and associated vulnerabilities. Exodus informs clients of critical threats years before the public (and attackers) catch wind of the vulnerability.