Vulnerability intelligence: Prioritize threats
Vulnerability intelligence involves understanding vulnerabilities in order to build appropriate defense layers.
Once the vulnerability has been identified, the real question is: "So what now? How do we tackle this?"
Mobile vulnerability monitoring enables us to map the components targeted, by ROM, mobile and operator. In-depth vulnerability analysis then informs us on the reality of the threat: it's not enough to understand how a vulnerability works, and how it's triggered, to determine whether a system is vulnerable. There's nothing obvious about that. We need to replay a one-day exploit or an attack to check whether defenses are effective or not, in an appropriate context. As for the hardware vulnerability intelligence and attacks reproducibility, they require specific learning and skills ownership.
Study of known vulnerabilities provides many useful results:
- Detailed analysis of vulnerabilities, detection and remediation
- Effective exploits to test vulnerability
- Review of known attacks in different contexts, to gauge actual risk
- Hardware attacks, including side-channel and fault injection
- Exploit source code
- Analysis of real threats in a given context, concerning a targeted vulnerability
- Hardware tooling