The moderation team is monitoring different sources for the disclosure of information about new or existing vulnerabilities. Whenever possible we list all available sources in the according section. This makes it possible to start further investigation of a vulnerability and to compare statements by different sites.
- Vendor Sites: Vendors release new software which may contain patches to fix identified vulnerabilities. These releases and the according release notes are a solid source. They might come as a news, mailing list post or a post within a vendor forum.
- Mailing Lists: Vendors and security enthusiasts use mailing lists to announce and discuss details about security issues.
- Vulnerability Contributors: Some companies help to co-ordinate vulnerabilities between researcher and vendors. And they support them regarding the disclosure of the vulnerabilities.
- Vulnerability Databases: There are different vulnerability databases available which document vulnerabilities. We compare our data with theirs and try to determine differences. Whenever possible we link back to one of the sources hosting an issue we have also documented.
- Code Repositories: The public code repositories of well-known software projects are scanned for security-related changes to determine patches even before they get announced or linked to a vulnerability. Whenever possible we include code examples of the affected code blocks to illustrate the problem even more.
- News Sites and Blogs: Some news sites and blogs announce the availability of important software releases, the rise of interesting vulnerabilities or the spread of new attacks.
- Social Networks: Our social monitoring team is looking for new vulnerabilities announced or details discussed on the popular social networks.
- Vulnerability Broker: Some companies buy and sell vulnerabilities and exploits. A co-operation with the leading vulnerability brokers lets us get our hands on issues before they are available to the public.
- Market Places: Vulnerabilities and exploits are traded on different markets by multiple actors. We are observing these markets to find as many details as possible.
- Darknet: Similar to the public markets are the underground activities on the Darknet. Further investigation helps to determine issues even before they become available for the general public. Darknet monitoring capabilities are handled by the Titanium Team (Research) of scip AG.
- Internal Testing: Whenever possible we are trying to find and exploit vulnerabilities within our lab environment. This makes it possible that we can even publish 0-day vulnerabilities in the database. Our partner for technical testing is the Red Team (Offensive Testing) of scip AG.
Do you know our Splunk app?
Download it now for free!