![\"Vulnerability](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/bug.svg\")
<\/a><\/p>\nVulnerability Research<\/h3>\n\n- Focus on vulnerabilities against managed and unmanaged devices (IT\/IoT\/IoMT\/OT)<\/li>\n
- 200+ vulnerabilities discovered in last 5 years<\/li>\n
- 100+ known exploited vulnerabilities on unmanaged devices<\/li>\n<\/ul>\n
Explore<\/a><\/p>\n![\"Threat](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/alert.svg\")
<\/a><\/p>\nThreat Reports<\/h3>\n\n- Manual and automatic analysis of malware samples collected via customer telemetry and other sources<\/li>\n<\/ul>\n
Explore<\/a><\/p>\n![\"Cyber](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/Threat-Intel.svg\")
<\/a><\/p>\nThreat Intelligence & Detection<\/h3>\n\n- Daily context-rich, machine-consumable threat feeds<\/a><\/li>\n
- Detection rules to keep our Threat Detection & Response solution on top of emerging\u00a0threats<\/li>\n
- Live dashboards<\/a><\/li>\n<\/ul>\n
explore<\/a><\/p>\n\n<\/figure>\nHow We Do It<\/h2>\n
Forescout Vedere Labs studies what attackers are working towards by observing actual attacks in our sandboxes, on the Darknet and in our Adversary Engagement Environment. We analyze significant attacks and generate vulnerability and threat intelligence that is consumed by the Forescout Platform<\/a>. We also create corresponding detection rules that are added to Forescout Threat Detection & Response<\/a> to help ensure customers can protect their IT, OT, IoT and IoMT environments. <\/p>\nFirsthand Observations in Our Research Laboratory<\/h2>\n
Located in Eindhoven, Netherlands, our research laboratory is where we observe firsthand the vulnerabilities being exploited and attacks in progress. The information we collect is analyzed to generate threat intelligence, calculate multifactor risk scores<\/b><\/a> and create detection rules<\/b><\/a>.<\/p>\n![\"Research](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/Vedere-Research-Diagram_v01_02.svg\")
<\/p>\n
How Vedere Labs Uses Artificial Intelligence<\/h2>\n
\u00a0<\/p>\n
![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/12\/vedere-labs-AI-example-1.webp\")
<\/p>\n
VL threat intelligence is integrated on generative AI products, such as Microsoft Copilot for Security, allowing security analysts to query OT and IoT-specific threat intelligence directly from Forescout Research.<\/p>\n
We also have integrated generative AI within our TDR solution, which summarizes proprietary intelligence that can be gathered about IP addresses and other indicators of compromises observed during an incident.<\/p>\n
VL KEV: Our Proprietary List of Vulnerabilities<\/h2>\n
Our KEV list is compiled from real attacks we observe within our OT and IoT-specific honeypots, customer data and third-party intelligence. The list is complementary to industry-standard sources, such as CISA KEV. It is updated in tandem with other threat intelligence for Forescout eyeInspect and REM solutions. This type of intelligence allows users to prioritize vulnerability management actions based on what is currently being exploited by threat\u00a0actors.<\/p>\n
![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/12\/vedere-kev.jpg\")
<\/p>\n
Partnerships and Threat Intelligence Sharing Groups<\/h2>\n
Vedere Labs is a proud member and contributor to threat intelligence sharing groups, including CERTs, cyber threat alliances and ISACs \u2014 where new intelligence and best practices are shared. Member organizations include industry, academia and governments where we share machine-readable intelligence and human-readable reports.<\/p>\n
European Energy\u00a0ISAC<\/h5>\n
Forescout is a founding member and actively participates in the threat intelligence task force.<\/p>\n
ETHOS<\/h5>\n
Forescout is a founding member and part of the board of directors in this industry partnership dedicated to OT-centric, open-source sharing of anonymous early-warning threat information.<\/p>\n
OT-ISAC<\/h5>\n
Forescout is a partner that shares reports, answers questions about emerging threats and presents at conferences and threat briefing meetings.<\/p>\n
CISA JCDC and AIS<\/h5>\n
Forescout shares indicators of compromise and reports distributed to other members of the JCDC and IAS initiatives.<\/p>\n
ACSC CTIS<\/h5>\n
Forescout shares indicators of compromise and reports distributed to other members of the CTIS initiative.<\/p>\n
Data. Lots of Data.<\/h2>\n
The threat intelligence data we analyze comes from millions of connected devices that we monitor that give us billions of data points about device configuration and network behavior. It also comes from attacks we observe and dissect and other sources that we monitor.<\/p>\n
![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/07\/Classification-blue-round-icon.svg\")
<\/p>\n
Devices<\/h4>\n\n- 19 million monitored devices<\/li>\n
- 39 billion unique data points<\/li>\n
- 1,500 global sites<\/li>\n
- 6,500+ unique vendors<\/li>\n
- 2,300+ unique OS versions<\/li>\n<\/ul>\n
![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/threat-blue-round-icon2.svg\")
<\/p>\n
Threats<\/h4>\n\n- 750+ threat actors<\/li>\n
- 100+ ransomware group leak sites<\/li>\n
- 20+ C2 types monitored on the Internet<\/li>\n
- Third-party intel<\/li>\n<\/ul>\n
Forescout Research – Vedere Labs Featured\u00a0In…<\/h2>\n
![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/cnn_business-logo.png\")
<\/p>\n
Researchers uncover software flaws leaving medical devices vulnerable to hackers<\/h5>\n
Researchers say they have found more than a dozen vulnerabilities in software used in medical devices and machinery used in other industries that, if exploited by a hacker, could cause critical equipment such as patient monitors to crash\u2026<\/p>\n
Read More<\/a><\/p>\n![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/wired-magazine-logo.png\")
<\/p>\n
Critical Bugs Expose Hundreds of Thousands of Medical Devices and ATMs<\/h5>\n
\u201cYou can imagine the type of impact an attacker could have when they can either exfiltrate data from medical equipment or other sensitive devices, potentially tamper with lab results, make critical devices unavailable, or take them over entirely\u2026\u201d<\/p>\n
Read More<\/a><\/p>\n![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/washington-post-logo.png\")
<\/p>\n
Government cyber workers increasingly concerned hackers will strike during shutdown<\/h5>\n
The government\u2019s cybersecurity professionals are increasingly concerned that hackers will take advantage of the partial shutdown to tamper with sensitive government data or steal citizens\u2019 information \u2014 and that the bare-bones staff won\u2019t be able to fend them off\u2026<\/p>\n
Learn More<\/a><\/p>\n![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/politico-logo.png\")
<\/p>\n
OT:ICEFALL FINALE<\/h5>\n
Forescout Vedere Labs is wrapping up its yearlong project looking at design vulnerabilities in operational technology with a closing report today that blames many of the issues they\u2019ve encountered on vendors of the technology not implementing designs that would build security into the systems\u2026<\/p>\n
Explore<\/a><\/p>\n Explore<\/a><\/p>\n explore<\/a><\/p>\n Forescout Vedere Labs studies what attackers are working towards by observing actual attacks in our sandboxes, on the Darknet and in our Adversary Engagement Environment. We analyze significant attacks and generate vulnerability and threat intelligence that is consumed by the Forescout Platform<\/a>. We also create corresponding detection rules that are added to Forescout Threat Detection & Response<\/a> to help ensure customers can protect their IT, OT, IoT and IoMT environments. <\/p>\n Located in Eindhoven, Netherlands, our research laboratory is where we observe firsthand the vulnerabilities being exploited and attacks in progress. The information we collect is analyzed to generate threat intelligence, calculate multifactor risk scores<\/b><\/a> and create detection rules<\/b><\/a>.<\/p>\n \u00a0<\/p>\n VL threat intelligence is integrated on generative AI products, such as Microsoft Copilot for Security, allowing security analysts to query OT and IoT-specific threat intelligence directly from Forescout Research.<\/p>\n We also have integrated generative AI within our TDR solution, which summarizes proprietary intelligence that can be gathered about IP addresses and other indicators of compromises observed during an incident.<\/p>\n Our KEV list is compiled from real attacks we observe within our OT and IoT-specific honeypots, customer data and third-party intelligence. The list is complementary to industry-standard sources, such as CISA KEV. It is updated in tandem with other threat intelligence for Forescout eyeInspect and REM solutions. This type of intelligence allows users to prioritize vulnerability management actions based on what is currently being exploited by threat\u00a0actors.<\/p>\n Vedere Labs is a proud member and contributor to threat intelligence sharing groups, including CERTs, cyber threat alliances and ISACs \u2014 where new intelligence and best practices are shared. Member organizations include industry, academia and governments where we share machine-readable intelligence and human-readable reports.<\/p>\n Forescout is a founding member and actively participates in the threat intelligence task force.<\/p>\n Forescout is a founding member and part of the board of directors in this industry partnership dedicated to OT-centric, open-source sharing of anonymous early-warning threat information.<\/p>\n Forescout is a partner that shares reports, answers questions about emerging threats and presents at conferences and threat briefing meetings.<\/p>\n Forescout shares indicators of compromise and reports distributed to other members of the JCDC and IAS initiatives.<\/p>\n Forescout shares indicators of compromise and reports distributed to other members of the CTIS initiative.<\/p>\n The threat intelligence data we analyze comes from millions of connected devices that we monitor that give us billions of data points about device configuration and network behavior. It also comes from attacks we observe and dissect and other sources that we monitor.<\/p>\n Researchers say they have found more than a dozen vulnerabilities in software used in medical devices and machinery used in other industries that, if exploited by a hacker, could cause critical equipment such as patient monitors to crash\u2026<\/p>\n Read More<\/a><\/p>\n \u201cYou can imagine the type of impact an attacker could have when they can either exfiltrate data from medical equipment or other sensitive devices, potentially tamper with lab results, make critical devices unavailable, or take them over entirely\u2026\u201d<\/p>\n Read More<\/a><\/p>\n The government\u2019s cybersecurity professionals are increasingly concerned that hackers will take advantage of the partial shutdown to tamper with sensitive government data or steal citizens\u2019 information \u2014 and that the bare-bones staff won\u2019t be able to fend them off\u2026<\/p>\n Learn More<\/a><\/p>\n Forescout Vedere Labs is wrapping up its yearlong project looking at design vulnerabilities in operational technology with a closing report today that blames many of the issues they\u2019ve encountered on vendors of the technology not implementing designs that would build security into the systems\u2026<\/p>\n<\/a><\/p>\nThreat Reports<\/h3>\n
\n
<\/a><\/p>\nThreat Intelligence & Detection<\/h3>\n
\n
How We Do It<\/h2>\n
Firsthand Observations in Our Research Laboratory<\/h2>\n
<\/p>\nHow Vedere Labs Uses Artificial Intelligence<\/h2>\n
<\/p>\nVL KEV: Our Proprietary List of Vulnerabilities<\/h2>\n
<\/p>\nPartnerships and Threat Intelligence Sharing Groups<\/h2>\n
European Energy\u00a0ISAC<\/h5>\n
ETHOS<\/h5>\n
OT-ISAC<\/h5>\n
CISA JCDC and AIS<\/h5>\n
ACSC CTIS<\/h5>\n
Data. Lots of Data.<\/h2>\n
<\/p>\nDevices<\/h4>\n
\n
<\/p>\nThreats<\/h4>\n
\n
Forescout Research – Vedere Labs Featured\u00a0In…<\/h2>\n
<\/p>\nResearchers uncover software flaws leaving medical devices vulnerable to hackers<\/h5>\n
<\/p>\nCritical Bugs Expose Hundreds of Thousands of Medical Devices and ATMs<\/h5>\n
<\/p>\nGovernment cyber workers increasingly concerned hackers will strike during shutdown<\/h5>\n
<\/p>\nOT:ICEFALL FINALE<\/h5>\n
![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/10\/DrayBreak-Webinar-Feature.jpg\")
<\/p>\n![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/Daniel-dos-santos.png\")
<\/p>\n![](\"https:\/\/www.forescout.com\/wp-content\/uploads\/2023\/09\/Rik-Furgeson.png\")
<\/p>\n