Assess and prioritize most exploitable vulnerabilities

In the context of vulnerability assessment, Helm provides a practical framework for understanding and prioritizing vulnerabilities based on severity, exploitability, and potential threats. This article outlines how Helm utilizes CVSS v2 and v3 scores, along with EPSS scores and threat sources, including indicating if vulnerabilities are on the CISA KEV list, whether they are in the Exploit Database (exploit-db.com) or have a Metasploit toolkit available to make attacks easier, and whether they meet the criteria of the top 25 CWEs (Common Weakness Enumerations).

Automatic enrichment of CVE vulnerabilities with CPEs

Our advanced Large Language Model (LLM) now enriches vulnerability data from the National Vulnerability Database (NVD). Unfortunately, the NVD has not kept pace with CPE and other data enrichment for the past six months, leaving those of us in the cybersecurity space in a bit of quandary.

To remedy this issue, our LLM is now identifying vulnerabilities impacting your products and automatically enriching the information retrieved from the NVD with CPE data, aiding in more precise identification of vulnerabilities. This provides you with a more complete view of your overall risk, and ensures that you're focusing your time and effort on the most exploitable vulnerabilities that are affecting your product. Vulnerabilities that came from the NVD, and through our CPE enrichment, were identified as impacting your products will have an AI badge in the new Source column on the Vulnerabilities page.

Rescoring vulnerabilities

You can adjust all vulnerability scores across an entire product version based on your device's environment and usage, or choose individual vulnerabilities to rescore. Customize vulnerability scores based on your device's unique environment and usage, recalibrating severity, exploitability, and threat information for a tailored assessment that minimizes false positives while pinpointing your more exploitable and critical vulnerabilities, thereby strengthening your cybersecurity defenses.

Prioritize what vulnerabilities to focus on

You can easily stay on top of new and updated vulnerabilities:

  • Get email notifications of new vulnerabilities impacting your software supply chain.

  • Identify those with available exploits or malware kits.

  • Consider suggested Windows KB updates (Windows operating systems only).

  • Stay updated with information from the National Vulnerability Database (NVD).

What vulnerabilities should I focus on first?

To ensure you're focusing on the most exploitable vulnerabilities:

Once you've rescored your vulnerabilities, you can then prioritize the remaining vulnerabilities by filtering down on those that have a combination of high CVSS scores with high exploitability (EPSS) scores, as well as having exploits or threats publicly available.

Filter on most impactful vulnerabilities

You can filter down to just what you need.

Check whether a vulnerability has been updated

If you’ve previously assessed a vulnerability, but you see an Updated on date display in the Detected on column, this indicates that the vulnerability has been updated. You’ll want to check to make sure that this doesn’t increase its severity for your particular case.

Last updated

© Copyright MedCrypt 2024, All rights reserved.

#294: EOL release docs

Change request updated