Cyber attacks are increasing in volume and sophistication across every industry and category, leaving threat analysts and frontline security teams faced with a flood of information. The consequences of missing critical information are astronomical, but no human can keep up with this onslaught of data on their own.
You need relevant, real-time, accurate information – and scrolling through an endless list of sources won’t get you there. That’s why we’re excited to announce that Leo, your AI research assistant, now aggregates information on vulnerabilities, exploits, malware families, and threat actors into a single view so that he can help you proactively track and research CVEs.
Leo CVE Intelligence Cards gives you at-a-glance visibility into relevant trending vulnerabilities, and you can use Leo to focus any of your feeds for faster insight into risks impacting your business’s software, hardware, and application stack.
Information overload is real. This is why we enhanced Leo’s cybersecurity knowledge graph so he can help you proactively track and research critical vulnerabilities and zero-day exploits relevant to you.
With Leo, you can prioritize the CVEs that impact your organization’s technology stack and reduce the time it takes to investigate threats by up to 70%. All of this information is available at a glance via Leo CVE Intelligence Cards and throughout your Feeds.
Before using Feedly for Cybersecurity, my biggest challenge was to quickly sort through all the data to find the top CVEs by mention, and track their relationships with exploits, patches, etc. It would take a lot of work to search through unstructured text and large bulk files. With Leo, it’s so much easier to quickly review details of a CVE and its associated relationships.”
Michael Rossi, Independent Security Consultant, Cybeta
If you want to dive deeper into a CVE, exploit, or threat, Leo synthesizes vulnerability, patch, exploit/PoC, malware, and threat actor information into a single CVE Card. Leo eliminates the time you used to spend opening a new browser tab, searching, browsing for the resource you want, and skimming everything individually to find what mattered.
Instead of having dozens of research tabs open in your browser, Leo CVE Intelligence Cards consolidate the information into a single location where you have at-a-glance views of:
For new vulnerabilities that don’t have a CVSS assigned yet, Leo uses a proprietary NLP model based on the CVSS v3 methodology to forecast this score. This way, you can spot new threats and take proactive steps in real-time.
Color-coding helps you make quick decisions about the next steps in your investigation. The darker the color on the Awareness graph, the more people are talking about the CVE across the web.
Leo provides links to all the external resources you need to investigate the CVE, so you can more rapidly respond to threats and improve important cybersecurity metrics like mean time to detection (MTTD), mean time to investigate (MTTI), and mean time to remediate (MTTR).
Dig deeper, faster, to determine if a specific vulnerability represents a critical risk for your organization based on its technology stack to decide whether to flag the intel and share it with the rest of your team.
For example, you can click on “Affected System” or “Patched” to go directly to those sources like the National Institute of Standards and Technology (NIST) National Vulnerability Database or websites with patches for remediation purposes.
“Before using Feedly for Cybersecurity, it was hard to prioritize which vulnerabilities were more important at a glance and determine if they applied to our networks. Now that we use Leo, we have been saving so much time, it’s much appreciated!“
– Feedly for Cybersecurity Customer
In addition to his interactive CVE Cards, Leo also prioritizes the most recent and talked about CVEs, right on your Today page. Simply click on a CVE name to see the dashboard complete with the information necessary for critical decision-making.
Leo knows cybersecurity because we taught him about CVE, CVSS, exploits, patches, threat actors, and other security intelligence concepts. Leo summarizes the information from various resources including NVD, vendor advisories, blogs, Twitter, and Reddit so you don’t have to check each location, sifting through posts unrelated to the CVE you care about.
You can add new Leo Priorities on top of your current feed to add contextual business risk. For example, if your technology stack includes Oracle, Adobe, and Google Chrome, but not Samba, you can refine Leo’s priorities so you only see what’s relevant to your organization.
Train Leo to prioritize vulnerabilities based on CVSS score to increase the relevance of your feed. Leo can flag risks related to your organization’s unique technology stack so you can out pace attackers.
You can start by training Leo to surface CVE’s based on Qualitative Severity Rating Scale — choose our preset for “high” or specify the CVSS scores to build your organization’s context into what you see.
Training Leo by using “HIGH” in combination with either products or vulnerability types personalizes your feed based on your organization’s unique needs. This lets you focus on the risks specific to your organization, weeding out the information you don’t need.
All of these features, plus several more, are available as a part of Feedly for Cybersecurity. This package of Leo skills, enterprise features, and advanced knowledge graph access is perfect for cybersecurity teams that need to reduce noise and quickly identify risks. To learn more about any of these features, or start a free 30-day trial, click the link below.
Save time researching CVEs so you can spend more time securing them.
Discovered a supply chain data breach a week before the public announcement
Able to monitor hundreds of suppliers for breaches
Detected a critical vulnerability within 2 hours of its release and patched it immediately
This Feedly for Cybersecurity client has graciously allowed us to share their story on the condition of anonymity. Client names have been changed.
Started using Feedly Cybersecurity: 2020
This Feedly client plays a critical role across the Australian energy sector. In tandem with other market players, they help protect Australia’s national energy supply from cyber attacks. “We help keep the lights on for customers,” says Joe, Cybersecurity Threat Analyst.
The world of cyber threat tracking runs on a different clock than human speed. The firehose of cyber news makes it hard for our client’s security analysts to find the signal through the noise. Analysts like Joe and his team struggled to keep up with the onslaught of information. Joe used to manage his own personal spreadsheet of 350 sources of information, which he ranked by tiers based on how trusted they were. But the amount of screen time required to keep up with incoming information and identify trends was unsustainable. “The cyber world is like drinking from a firehose in terms of the information we see,” says Joe.
“There’s this concept of cyber time. Last week’s issue is like three years ago. We’re so swamped with information, we don’t have time to dive deep on a lot of stuff.”
– Joe, Cybersecurity Threat Analyst
As cyber threats and ransomware crews become increasingly sophisticated, the human ability to monitor the cyber threat landscape falls behind. No matter how knowledgeable you are, cybersecurity at human speed can’t keep up with ransomware crews using increasingly complex software to manage their operations.
For companies like this energy provider, the stakes are high. “If they encrypt our environment, we can’t supply energy to customers,” says Joe.
A data breach of even the smallest of our client’s vendors could put them at risk, so Joe and his team needed a way to keep an eye on even the smallest of breaches.
The analyst team at this company needed better tools to help leverage their time and attention and stop doing manual research. Joe’s team had been using Feedly to aggregate information for years. But when his boss, Oliver, Cyber Security Manager, found out that Feedly’s cybersecurity-specific plan could use AI to flag cyber attacks, threats, and vulnerabilities, they knew they had to try it.
Oliver created Feeds around three main focus areas: renewable energy sources + cybersecurity, critical vulnerabilities, and supply chain threats.
The team selected sources of information they trusted to track cybersecurity news. Not all articles from their trusted sources concern the energy sector. To filter out cybersecurity news unrelated to the energy sector, they configured Feedly AI to flag articles about the specific areas they care about.
“Before using Feedly AI, we had very generic Feeds. We were just looking for energy and cybersecurity news in our region. But over time, I’ve been able to nuance our requirements over supply chain attacks, like Solar Winds.”
For example, the analyst team has always tracked news at the intersection of cybersecurity and the energy sector. But once they started using Feedly for Cybersecurity, they created an AI Feed to flag articles that cover ransomware in the energy industry.
“We were concerned about the supply chain risk for our company,” says Joe. “We talked to our internal procurement team to really understand our top 30 providers, with whom we spend millions of dollars.”
To track supply chain risks, the team selected the exact vendors they work with and created a personalized stream of intelligence to track risks coming from their supply chain. “We were able to turn the list of our top partners into an AI Feed and ask him to flag cyber attacks targeting those partners,” explains Joe.
With an AI Feed n place, Feedly AI flags articles about data breaches related to any of the company’s suppliers, so they’ll know when one of the companies in their supply chain is breached or attacked. Feedly AI recognizes most of these names as companies, so he can differentiate if an attack is about Amazon (company) vs. Amazon (the river), for example.
Beyond their internal intelligence team, Joe and Oliver share information across several platforms with peer organizations cybersecurity teams around the globe.
Joe and Oliver add critical articles to a specific Feedly Board. They’ve connected the Board to the collaboration platforms, so when Joe or his teammates add articles to the Board, their security community will automatically see critical updates.
In October 2020, thanks to the work Joe had done to create AI Feeds based on their top 30 suppliers, his team proactively identified a data breach from one of their vendors.
“Thanks to my supply chain AI Feed in Feedly, we identified that one of our vendors had been breached a week before the company actually officially told us.”
This proactive alerting allowed Joe’s team to inform procurement areas and monitor leak sites to see if any sensitive material had been published. Luckily none had been released, and the issue eventually went away.
In March 2021, Joe checked his Feedly in the morning as usual, and found an F5 breach within two hours of the breach itself. “I was sitting at my desk, and I saw the F5 vulnerability pop up in Feedly. I pushed it out to management, and then there was a massive effort to patch that problem within two days, which was awesome.”
“I was sitting at my desk, and I saw the F5 vulnerability pop up in Feedly. I pushed it out to management, and then there was a massive effort to patch that problem within two days, which was awesome.”
When a vulnerability is exposed, “information overload goes up — you can see how the malware reporting goes up associated with that particular vulnerability” says Joe. In response to an exposed vulnerability, there’s a corresponding increase in exploits. That’s where Feedly comes in. Instead of wading through pages of articles about vulnerabilities and exploits that don’t concern his company, Joe can use Feedly AI to surface vulnerabilities and exploits relevant to them.
“And that’s the power of Feedly. Using the smarts, intelligence, and Feedly AI’s natural language processing to align vulnerabilities with exploits. What pops out at the end is what you need to know, what you need to take action on. Not the noise.”
In late 2020, the analyst team discovered that a smaller supplier was attacked after using a tool with an unpatched vulnerability. Criminals were able to steal data through a File Transfer tool. Our client was spending a relatively small amount of money with this company, so they weren’t on their list of top 30 suppliers, but this made Joe and his team realize they needed to expand their supply chain tracking in Feedly.
The more they personalize their Feeds with help from Feedly AI, the more our client’s security analysts can stay focused on the real threats. As Joe trusts Feedly more and more, he can focus on the high level analysis, and rely on Feedly AI ‘s natural language processing to do the tedious work for him.
Joe is excited for the possibilities to get even more proactive with upcoming Feedly features. In addition to their supply chain tracking project, the analyst team plans to use the Feedly API to push alerts directly to their internal intelligence platform, which will make it even easier to focus on threats.
From a proactive monitoring perspective, the power of using Feedly is to actually inform you of breaches before anyone else knows.”
Streamline your threat intelligence in Feedly so you can focus on real threats and ignore the distractions.
An inside look at how the Airbus CyberSecurity team is using Feedly to monitor and share actionable insight
Drew Gallis, analyst at WillowTree, leverages Feedly for Cybersecurity to track cyber threats across the company’s supply chain and protect client
“Hi folks, this is Remi from Feedly. I wanted to share with you the latest updates on the Leo cybersecurity skills, which has to do with vendor advisory integration. Very exciting one.
The premise for this is that we’ve heard from a lot of our customers that connecting Leo’s knowledge graph directly to vendor advisory sites would be highly beneficial to get updates on CVEs faster, basically immediately as they get published on those vendor sites.
So we built it as you can see, we started integration with the most prominent vendor sites, as you can see here. So we’ve got our Microsoft, Oracle, Cisco if you have any vendor of choice that is not in this list, please let us know because we’re continuously adding more vendor sites to to the knowledge graph. Your feedback is important and will be taken into consideration.
To show you what that looks like, if you take a look at your Today page and your CVE dashboard and your trending vulnerabilities on the right hand side, you can zoom in to this latest vulnerability for Microsoft from a couple of days ago. Click on the CVSS score, which just normally just opens up the NVD page for that vulnerability, you can see that at the NVD level, this is still under undergoing analysis. And there isn’t much detail about it yet on the Phoebe side of things.
Thanks to Leo, you still have all of the elements that appear over here, as well as your usual reference articles and all the chatter around that particular CVE. This is because Leo is picking up that information directly from the Microsoft site and makes all of these updates again, almost in real time. So the outcome of this is that you can really be aware of what’s happening around these critical vulnerabilities sooner without having to go individually to all these other sites and looking up IDs.”
Tenable, Mozilla, Google Android, Microsoft MSRC, Cisa, Google Chrome, F5, Cisco, Apple, Redhat, zdi, CERT/CC, Oracle, Rapid7, Palo Alto Networks, Dell, Adobe, Apache, Checkpoint, IBM, Siemens, Juniper, Jenkins, OpenVPN AS, Apache Tomcat, ElasticSearch, Google Cloud, NGINX, Haproxy, SAP, CNA vendors NVD, ISC, Netapp, Atlassian
Yes! Contact your Customer Success Manager and we are happy to connect additional vendor advisories for you.
Contextualized CVE information for faster threat research, without the overwhel
This analyst team designed AI-powered security Feeds in Feedly that proactively alert them about specific topics, threats, and threat actor
When the world went into lockdown back in March 2020, Steve Makofsky, like many of us, was feeling a little restless.
Steve, a long-time tech executive (Disney, Nike), is an engineer with a passion for streamlining his workflow and feeding his mind. Could he find a quarantine project that allowed him to do both while keeping up with his insane to-do list? With a little ingenuity (and the help of Feedly), the answer turned out to be yes.
Back in the day Steve, a tech old-timer, stayed up to date via blogs. As a reader he found it easy to discover interesting new perspectives simply by checking the blog rolls of his favorite writers and visiting the sites they recommended. As the author of a couple of books on programming he also blogged himself to drive interest towards his work.
But as the Internet evolved, Steve found less and less value in blogs. He still dug around online for useful takes and fresh voices, but it felt a whole lot harder to find them. “Something has been lost in blogging,” he says. “I found discovery of similar content to what I like, or maybe opposing views to challenge some of my ideas, has been a real struggle.”
As a service to a small group of friends and colleagues facing similar challenges, Steve began sending out an ‘annual report’ listing resources they might find interesting. He often received grateful notes in reply. Then, coronavirus struck and Steve found himself with time on his hands. He wondered if he couldn’t supercharge his ‘annual report,’ turning it into a weekly newsletter offering links to great resources from around the web.
Steve has an extremely busy day job, which means he needed to find an efficient way to discover and process content for his new passion project. Enter Feedly, stage right. He began supplementing his existing feeds with content he discovered using Feedly AI, as well as scouring Twitter and Reddit for interesting sources.
He also subscribed to a number of Substack newsletters, which he’s happy to aggregate with the rest of his content via Feedly, sparing his inbox further clutter. “I’m glad I don’t have 83 things hit my inbox every day anymore,” he laughs. Steve then uses Feedly to sort all these insights into topical feeds like ‘Mind Changers’ (for writers that often shift his perspective) and ‘Workflow’ (for time-saving tips). (You can read a deeper diver into his aggregation process here.)
It’s an incoming river of content, but Steve has designed a streamlined system for winnowing it down to just the ten or so links he includes in his weekly newsletter.
“Every two or three days, I have a reminder to clean out my to-read list. I carve out 30 minutes in the evening to read some stuff. By the end of the week, I end up with 30 or 40 tagged items. I spend Friday night really going through them, getting the pulse of what I want to talk about, and limiting them down to ten,” he explains.
A bit of clever automation Steve built allows him to export his top links, along with their headlines, into a template. After another 30 minutes of summarizing and polishing, he’s ready to hit send on his weekly newsletter of suggested links.
Click here to follow Steve’s blog, right from your Feedly account.
All together that adds up to no more than a few hours a week for Steve’s newsletter side project, but he’s seen sizable benefits from this modest investment of time. First, recipients seem genuinely appreciative. “Oddly enough, it is gathering an audience,” he says of his weekly updates. “I did not expect that. I just write pretty authentically, but it seems to resonate with people.”
Perhaps even more importantly, Steve believes the project not only kept him occupied in quarantine but also gives him a leg up professionally.
“The process has kept me in tune with what’s going on around me with technology. I’ll sit around with my colleagues and I’ll be talking about something they don’t know about. So it enables me to keep up with what’s up and coming. It’s good mental exercise.”
With all due respect to quarantine baking or gardening, that is a pretty impressive benefit for a lockdown side project.
Cybersecurity vendor risk management (VRM) is notoriously difficult. Security teams need to know when their vendors experience a security incident, but they often lack visibility into supply chain threats.
Many companies only learn about a security incident when the vendor notifies them. Meanwhile, as soon as threat actors know about a vulnerability, they start acting on that knowledge, which leaves you increasingly vulnerable.
Additionally, not every vulnerability affects your security, and not every vulnerability affects your security equally. You need meaningful, real-time insight into the high risk threats facing your company and supply chain vendors.
With Feedly for Cybersecurity, you can create Feeds tailored to your technology stack and supply chain, including hardware, software, and firmware for streamlined monitoring enabling proactive remediation. Unlike keyword matching, Leo uses artificial intelligence to recognize key information so that you never miss important information. You can also share this focused risk intelligence with industry peer groups like Information Sharing and Analysis Centers (ISACs) or team members using email, messaging applications, and the Feedly API.
From a proactive monitoring perspective, the power of using Feedly is to actually inform you of breaches before anyone else knows.”
Anonymous Cybersecurity analyst in the energy industry
Threat researchers use many different intelligence tools. Whether getting data from a managed services provider (MSP), setting news alerts, following social media, or collecting cybersecurity newsletters, the time and information overload is overwhelming. To reduce noise, you might be setting alert emails to come in once a day. However, filtering through all those emails is time-consuming and overwhelming. On top of this, once you find a nugget of valuable information, you need to do independent research to get the details you need to protect your company, and you need them quickly.
We trained Leo to understand cybersecurity and critical vulnerabilities to synthesize all the information you need. Training Leo by setting Priorities based on your vendor list lets you teach him to focus on only what you need to secure your environment information. Priorities help you teach Leo about the risks unique to your supply chain, whether it’s hardware, software, or a non-technology business partner.
By customizing your Feed using Leo and Priorities, you fine-tune your threat intelligence and build visibility around risk criticality.
Leo knows cybersecurity, and you can teach Leo to know your supply chain risk, too. With the LEO CVE Dashboard, you get at-a-glance, real-time visibility into:
More than just reducing the noise, Leo streamlines threat intelligence research with visualizations that help you prioritize your organization’s risk.
In your Today feed, you’ll see a list of recent, critical vulnerabilities for at-a-glance visibility into new threats facing your technology stack.
When you click on the vulnerability, you’ll see a color-coded awareness graph for at-a-glance visibility into what people are saying about a specific CVE.
The clickable boxes direct you to more information about the vulnerability, including:
By training Leo and setting Priorities, you get focused threat intelligence giving you the visibility you need and enabling you to respond more rapidly to new threats. This visibility improves key cybersecurity metrics like reducing mean time to detect (MTTD) and mean time to remediate (MTTR).
For example, one customer in the energy industry used Priorities alerting them to a new vulnerability so that they could patch the problem within two days, rather than having a security weakness that could lead to a data breach. .
Setting Priorities to teach Leo about your critical supply chain risks is an intuitive process.
Start by defining the level of CVE criticality you care about most. If you need more than one Feed so that you can look at High Risk and Moderate Risk CVEs, you can do that, too.
Now, personalize that Feed to your current critical technologies and business partners. You can add any as you want, including business applications, messaging apps, or any other critical vendors that your team wants to monitor. To add more terms and risks, just click ‘OR’ and add each new term.
Once you have the information, you need to share it across the team to remediate risk. The Feedly Cybersecurity API gives you a way to share information and reduce MTTR.
Feedly supplies access tokens so that you can send the aggregated CVE/CVSS/Exploit information using JSON format. By translating to JSON, Feedly gives you a way to align your threat intelligence with your event log data to enhance correlation and analysis. With our API, you can connect your threat intelligence into any Security Information and Event Management (SIEM) or Security Orchestration, Automation, and Response (SOAR) solution that uses these integrations. For example, the Feedly API adds metadata to articles including associated malware families and threat actors, entities mentioned, and MITRE tactics and techniques., With all the information you need in a single location, you bring together the technical information and threat intelligence together for full visibility into all risks.
Finally, you can forward critical security data directly to your ticketing application, like Jira, and build it directly into your team’s workflow. This capability saves time since you don’t need to jump between different windows and applications.
“Leo makes Feedly unique because he allows us to build queries and thus create our own Feeds. This gives us the ability to focus on the articles we WANT to read.”
Anonymous Cyber Threat Intelligence Researcher
Feedly for Cybersecurity streamlines supply chain threat research to help you more rapidly respond to emerging threats.
The only constant in the realm of cyber security is change; hackers are continuously maturing and becoming more sophisticated, attack patterns are constantly evolving, and the threat landscape is growing more volatile every day; one cyber attack occurs every 39 seconds.
That’s why we’ve enhanced Feedly AI’s knowledge of cyber attacks, targets, and industries so you can keep pace with the threat landscape and do what you do best: maintain the integrity of your security posture. You can ask Feedly AI to flag critical cyber attacks in your feeds and focus on specific attacks targeting your industry or supply chain. You can also push attack insights to your internal platforms via the Feedly API.
Feedly AI flags important information to focus your efforts on targeted insights. Feedly AI understands cyber attacks because we taught him about malware, ransomware, data breaches, phishing, social engineering, and fraud.
You can train Feedly AI further and have him focus on the specific topics, threats, and threat actors you care about to gain a deeper understanding of the threat landscape as it applies to you.
From a proactive monitoring perspective, the power of using Feedly AI is to actually inform you of breaches before anyone else knows.”
Cybersecurity Analyst at a top energy provider
You can start by training Feedly AI to recognize cyber attacks as a smart topic, a concept that Feedly AI has been trained to understand with our AI models. Simply navigate to the security category you want to add this insight to and enter “cyber attack” as a topic. Training Feedly AI to highlight cyber attacks in your security feed keeps you up-to-date with the most recent reports. Highlighting the attacks that are actually being conducted in the wild helps you effectively prioritize and ensures you never miss a thing.
We’ve taught Feedly AI to recognize 19 industry sectors to ensure you always have the most current industry-relevant threat intelligence at your fingertips. Don’t see your industry? No problem! Ask us and we’ll teach Feedly AI to recognize it.
We were able to turn the list of our top partners into an AI Feed and ask Feedly AI to flag cyberattacks targeting those partners. That’s how we identified that one of our vendors had been breached a week before that the actual company told us.”
Cybersecurity Analyst at top energy provider
Feedly AI also recognizes each company listed in the Forbes Fortune 500 list to help you optimize and maintain your vendor security initiatives.You can gain these deeper insights simply by adding the industry or company you want Feedly AI to flag for you.
You can use Feedly AI to detect new risks, reinforce your vendor risk programs, and potentially be the first to discover a breach.
Track up to 1,000 vendors in your supply chain to see the most relevant cyber attacks early.
Supply chain attacks have been in the limelight recently. Now, Feedly AI can help you cross-reference your known vulnerabilities with the latest threat intelligence. Proactive alerting informs you of critical vulnerabilities, cyber attacks, and emerging threats before anyone else. Need to know about zero-day exploits as soon as they are targeted? No problem. Need to create your own list of companies you want to track? Feedly AI has your back.
Every second counts in cybersecurity. You tell Feedly AI what you want and it populates the insights you need, when you need them.
Feedly AI does the work upfront so you can filter out the noise and save massive time, working smarter and faster. Up to 80% faster.
Before using Feedly AI to track cyber attacks, we would struggle with an overload of data and waste time sifting through information. Our feed is now 2-3 times shorter, we do not miss out on any important cyber attacks and we earned back so much time!“
Anonymous Cybersecurity Analyst
The Cyber Attack AI Model is one of the advanced AI skills in the Feedly for Cybersecurity package.
Contextualized CVE information for faster threat research, without the overwhel
This analyst team designed AI-powered security Feeds in Feedly that proactively alert them about specific topics, threats, and threat actor
Asking Leo to monitor topics, trends and concepts you care about with a Web Alert is a great way to make sure you never miss what’s important to you. Leo’s advanced knowledge graph allows him to recognize topics and concepts like a human research assistant that never sleeps, saving you countless hours.
When you set up a Leo Web Alert, he will read hundreds of millions of sources across the web, even sources you aren’t already following. We’ve previously talked about refining your searches to reduce noise, but in some cases you may prefer to widen the net.
If this is the case, this article is for you! Below are our best tips for making Leo Web Alerts as broad as possible. This is especially helpful if your topic is very niche, or your job requires you to keep on top of even small mentions.
If you never want to miss a mention of your topic, you can ask him to look for ‘Everything’ across the web, not just article ‘Titles’. This ensures Leo will find even small mentions in long articles. This is a great way to ensure you’re never missing relevant commentary across the web.
You can further expand your feed by requesting more articles per week related to this topic. Think of this like telling Leo not to leave anything out of your feed, even small mentions. This is especially important if your job involves close tracking of niche concepts.
Generally speaking, Leo Web Alerts will be more relevant than Google News Alerts or keyword alerts. This is because Google News Alerts limit your search only to top news and trade publications, and keyword alerts track exact keyword matches, rather than smart concepts.
When comparing a similar Google Alert and Leo Web Alert inside Feedly, you can see that there is some overlap, but Leo surfaces even more relevant articles, and Leo gives you the ability to refine your search as needed to decrease noise.
If you’re not ready to convert your Google Alerts, you can have both in a feed! Google Alerts are indicated by the magnifying glass icon, while Leo Web Alerts are indicated by the bullseye icon. If you want to compare results between your two alerts, set them both up as sources for the same Feed, and you’ll be able to compare results side-by-side daily.
When you’re ready, you can delete one of the alerts or refine your Leo Web Alert anytime by hitting ‘Refine’ in the upper right corner of your Web Alert.
We’ve been working hard on Leo Web Alerts behind the scenes, and helping you be successful is our top priority. If you’re still struggling to get your Feeds just right, we can help. Click below to schedule a short call with one of our experts, and we’ll have you up and running in no time. We can’t wait to meet you!
Web Alerts are a no-brainer for anyone who needs to be on top of things that matter to them. I found using Google Alerts inconvenient because I’d have to set them up outside Feedly. Now that I use Web Alerts, I am sure that I am keeping as much in Feedly as possible.”
Mark Evans, Principal Product Manager, LexisNexis Risk Solutions Group
Schedule a quick session with a customer success manager and we’ll set up your Leo Web Alerts together.
There’s a fine balance between reducing noise and never missing out on important information. Leo Web Alerts let you cast a wide net: Just tell Leo to track your chosen concept (like companies, trends, technologies, malware families…) across the web, and you’ll get the results in Feedly. Then, refine your Web Alerts based on your specific requirements. In this tutorial, we’ll show you a few advanced tips and tricks that can help you optimize the signal-to-noise ratio based on your area of interest.
When you’re setting up a Web Alert, Leo can track your topic across “Everything” — this means he will read article titles and the full text, searching for the concepts you’re interested in.
This is a great way to make sure you’re never missing out, but can sometimes result in noise in your feed. For example, if your topic is mentioned in a long article, but is not the subject of the entire piece.
To avoid this noise, you can switch to “Title” matching mode, and Leo will surface articles that mention your topic or concept in the title only.
When tracking a concept with keywords, you have to manually list out possible keywords. We’ve pre-trained Leo to recognize hundreds of concepts, so you can replace a long list of keywords with a single concept. Leo Concepts are machine learning models that replace large sets of keywords, remove blind spots, and reduce noise.
For example, if you want to track product launches with keywords, many articles might mention the phrase “product launch” rather than actually provide news about a launch. You can leverage Leo Concepts, as Leo has been trained to recognize and flag launches — even if they don’t contain the phrase “product launch” at all — in articles like this one, for example.
Then, combine concepts (like adding your industry or a specific company you want to keep an eye on) to improve the signal-to-noise ratio even more.
You can specify how many articles per week you want to see related to this topic. Think of this like telling Leo how picky you would like him to be when he chooses which articles to show you.
In the first step in the slider, Leo reads manually curated top-notch industry publications, blogs, business and strategy magazines, and research journals. As you move the slider to the right, Leo will browse through sources that are less and less popular. Adjusting the velocity slider can drastically reduce noise in your feed.
Leo knows the difference between a research journal or a news article, and between a news article and a blog post, etc. This is incredibly helpful when you want to keep up with everything related to your topic of interest, but you only want to hear from experts.
Under the “Sources” tab, you can select from a variety of bundles of sources.
To exclude a noisy source or topic in your preview results, you can click the Less Like This button.
You can also exclude topics when you’re creating a Web Alert with the ‘NOT’ section.
For the best results, we recommend starting with a wide net (Leo recommends the best settings for you by default), and using the preview screen to refine more. Web Alerts become a “source” for your specified Feed, and you can always go back and refine them further.
To recap, here are the basic steps to translating your intelligence needs into Leo Web Alerts:
To refine an existing Web Alert, click on the Web Alert inside your Feed, and you’ll see a “Refine” button — this returns you to the screen where you originally set up this alert and allows you to update it as and when necessary.
Leo gets smarter as you give him more feedback. You can give Leo feedback by selecting “Less like this” on articles that aren’t quite right. Leo will adapt based on your feedback and become even more helpful over time.
Start a free 30-day trial of Feedly Enterprise and get access to advanced Leo Concepts for Cybersecurity, Biopharma, and Market Intelligence.
You can now track specific topics, companies, threats, technologies, and emerging industry trends across the entire web. Here’s how
How experts in industry intelligence, cybersecurity, and biopharma created Leo Web Alerts to track key topics and trend
The best way to get inspiration to create your own Leo Web Alerts and optimize the signal-to-noise ratio for your intelligence purposes is to look at examples that other researchers and analysts have created in Feedly. Here, we’ll show you examples of Leo Web Alerts that real Feedly users across industries use to track relevant trends and topics across the web.
Analysts at a gaming company combine the Non-Fungible Token (NFT) concept with Video Games to track NFTs in their space.
Track innovation by your competitors or companies of interest, whether they’ve filed a new patent or created an existing technology.
An analyst at a retail company tracks the strategic moves their competitors are making: Are they launching new products? Raising funds? Signing partnerships? Combine the company with the various strategic moves you’re interested in to track these happenings.
Analysts in the finance space combine the Consumer Insights concept with the Finance Industry” topic to surface insights on changes in consumers’ behavior in their space.
Content Type concepts look for specific types of content (tutorials, listicles, expert insights, interviews, etc). Content creators and content strategists find inspiration for specific types of content by combining a content type with a social media platform, industry, or topic. For example, if you’re a social media strategist, you can track TikTok AND Tutorials to find examples of existing tutorials about TikTok.
This one’s simple. Salespeople targeting leads interested in specific leaders in the space just ask Leo to track that specific person.
Automate analysis with machine learning and effortlessly surface the insights that matter to you.
Cyber threat intelligence analysts use the Vulnerability concept to track vulnerabilities and filter them based on their CVSS score (actual or predicted). They combine the Vulnerability concept with a specific company, whether one of their customers or in their supply chain, to keep an eye out for critical vulnerabilities affecting the company.
Analysts research specific threat actors and their corresponding tactics and techniques according to the MITRE ATT&CK framework by combining Threat Actor names with the Tactics and Techniques (MITRE ATT&CK) concept.
Analysts use the Cyber Attacks concept combined with companies of interest (their own company, vendors, customers, or competitors) to track cyber attacks affecting these companies.
Streamline your open-source intelligence workflow with Leo, your easy-to-train AI research assistant.
Researchers at biopharma companies combine their disease of interest (like Diabetes Mellitus, Type 2) with the Scientific Breakthroughs concept to stay on top of the latest breakthroughs and innovations made by companies, startups, and research teams around this disease.
Researchers at top pharma companies combine the concept of their disease of interest (Neoplasms, in this case) with the Regulatory Changes concept to track new laws and regulations, high-court rulings, bans, FDA and EMA approvals concerning this disease.
Create personalized biopharma feeds to proactively track specific diseases, topics, and trends.
You can now track specific topics, companies, threats, technologies, and emerging industry trends across the entire web. Here’s how
Get what’s relevant to you in your feed using Leo Web Alert
We’re looking for a hands-on Marketing Automation Manager with Hubspot expertise to help us level up our B2B marketing efforts. You will own our Hubspot environment across the Marketing, Sales and Customer Success teams, and be responsible for educating the broader organization on data hygiene and digital marketing best practices.
Leverage Hubspot and other automation tools to improve marketing processes and productivity, keep up with and implement digital marketing best practices, and make recommendations to support the success of the marketing team.
Manually keeping up with the topics and trends you care about is tedious and overwhelming.
Feedly is an AI-powered research tool that allows individuals and organizations to track key industry trends, without the overwhelm.
We serve 15 million individuals and 2,000 organizations.
Feedly is a remote-first, self-funded, fast-growing, and profitable startup, located in the San Francisco Bay Area.
We’re a small and ambitious team that works closely in sync while each taking real ownership of our respective areas.
Our mission is to make Leo the world’s most helpful AI research assistant.
Traditional keyword matches fail to understand aliases, synonyms and abbreviations, and standard content monitoring tools don’t allow you to track segments or industries, which puts you at risk of missing key information that could help you monitor the major players in your industry.
Today, we are excited to announce a new AI Model, Fortune 500. This smart topic enables you to track mentions of the top 500 US companies without having to list each company (and their aliases) individually.
Imagine you’re an analyst at a bank, and you’re interested in tracking what large companies and competitors are implementing around cryptocurrency and blockchain technology.
You can layer topics like “Cryptocurrency” with the Fortune 500 smart topic to find relevant articles quickly and ask Feedly AI to include them in your Feeds.
The Fortune 500 smart topic is available to Enterprise level customers. Try it today, or start a 30 day trial here.
Before using Feedly AI, our team at Danone would struggle to find the most relevant information about our market and competitors. We would need to track our competitor names on Google News which would bring a lot of noise. Now that we use Feedly AI to track our competitors, we have easy access to articles that are super aligned with what we need to track in our day to day.”
Yong Wang, Strategy & Global Insights, Danone
Put the power of AI in your hands, and track Fortune 500 events and trends proactively. Now available to all users in our Enterprise plan.
This smart topic, as well as, Big Tech and industries, and more are part of Feedly AI’s Advanced AI skills, and are available as part of our Enterprise level plans.
Yes! We offer a 30-day free trial of our Enterprise level plan, including onboarding and access for your team. Request your trial here.
Each organization in the “Fortune 500” entity belongs to the list of the 500 largest United States corporations (by total revenue in 2020), listed by Fortune here.
Absolutely! Several of our Enterprise customers have shared lists of companies they would like to track in their Feedly. Please reach out to enterprise@feedly.com if you’re an Enterprise customer and we can help you track a custom company list.
Keeps track of critical vulnerabilities in the supply chain so he can react quickly.
Went from spending 2-3 hours sorting through threat intelligence news to 30 minutes of reading only the most relevant articles.
Monitors breaches and vulnerabilities that could put clients at risk…and creates proactive solutions before they become disasters.
Started using Feedly For Cybersecurity: 2020
WillowTree is a digital product consultancy with clients including HBO, Domino’s, Anheuser-Busch InBev, FOX Sports and Hilton. Drew Gallis, a security analyst at WillowTree’s Virginia headquarters, is part of a small team responsible for company security and for proactively alerting WillowTree’s clients of security concerns.
With a small team dedicated to cybersecurity, efficiency is everything. The team at Willow Tree has to stay on top of the threat landscape so nothing falls through the cracks. While Drew’s official title is “Cyber Security Analyst,” he wears multiple hats: incident response, incident remediation, reporting on security news, and securing web and mobile applications developed by WillowTree, with 20-30 projects running at any given time.
Drew is deeply passionate about cybersecurity and wants to get the word out to everyone in the company. He’s genuinely excited about sharing information that helps other people (developers, clients, etc.) do their jobs better and be safer.
Only about 20% of Drew’s job is dedicated to risk and analysis, and even less of that time is available for news monitoring. So he needed a way to find the best news about critical vulnerabilities without eating up the rest of his time at work.
Drew’s mentor and supervisor, Adrian Guevara, Head of Cyber Security at WillowTree, had been using Feedly’s free plan for years to consolidate all of his cybersecurity information into one place. So when Drew and his team learned about Feedly for Cybersecurity’s ability to help them refine their Feeds and prioritize the most important information, they had to try it.
“I only have about 20% of my day to look into risk and analyze different things going on within our organization. I wanted to narrow our data and focus on certain points with my limited time.”
Drew Gallis, Cyber Security Analyst, WillowTree
Adrian and Drew already had all of their top cybersecurity sources organized into Feeds on the free plan. So when they joined Feedly for Cybersecurity, all they had to do was start using Feedly AI to prioritize the most important news. Feedly AI reads every article in their Feeds, and then separates the most important ones into the ‘Priority’ tab. Thanks to this sorting and organization, Adrian and Drew can spend their limited attention reading the high-priority news first.
“The biggest thing for us was exploring Feedly AI’s functionality. We made tailored filters to prioritize specific services, specific programming languages, specific packages, and different vendors we use.”
First, Drew set up AI Feeds for all the software tools and services that they use internally at WillowTree. This was simple: He just used AND to add each supplier’s name.
Then, Drew added a layer to this AI Feed. In addition to prioritizing products and services used at WillowTree, he prioritized high CVEs for services in WillowTree’s tech stack.
“Normally there wouldn’t be too many articles in my Priority tab, so if I saw a news article pop up, I knew it would be something pressing.”
Drew asked Feedly AI to prioritize articles that mention any of the major programming languages used for clients at WillowTree. These include: Swift, .NET, Python, C, JavaScript, and TypeScript.
Drew also wanted to prioritize news about breaches or cybersecurity events affecting WillowTree’s clients so he could notify them as soon as possible. He used client names (most of which Feedly AI recognizes as companies) in a Priority looking for data breaches.
Since WillowTree is a primarily MacOS company, they’re especially interested in any vulnerabilities affecting MacOS. Drew asked Feedly AI to prioritize vulnerabilities related to MacOS so he could easily tell the rest of the company if there was something to be concerned about.
Since using Feedly AI, Drew has been able to cut down intelligence gathering time every day to just 30 minutes. He knows which articles are most important to read, and can easily see what’s happening in the world of cybersecurity. Not only can he respond quicker to threats and vulnerabilities, Feedly AI also gives him more time to focus on other important work.
“Instead of having to look and sort through articles over 2-hour periods, now I can do it in about 30 minutes, and get better quality of information with Feedly AI.”
Drew leveraged his Feedly setup during the SolarWinds attack to get the critical information, without the noise that happens during this kind of event. Drew didn’t care about the editorial commentary around SolarWinds; he wanted the technical facts so that he could serve his company and their clients.
How WillowTree sorted technical updates from news commentary during the SolarWinds breach: Read the full story.
Beyond the SolarWinds event, Drew is able to equip WillowTree developers with the information they need to protect the company. Whenever he finds a vulnerability through Feedly, he shares more about it with the team so they understand why fixing it is important. He also uses the information he finds in Feedly to verify Proof of Concepts (PoCs).
Drew also uses Feedly to get indicators of compromise (IoCs) to share with clients, to better protect them now and prevent future threats. He can now send developers and project managers actionable documentation that they can share with clients in the case of a threat.
Before using Feedly AI, Drew spent upwards of two hours each day monitoring security news. Now, he’s reduced the time spent monitoring to just 30 minutes per day. Since using Feedly AI to prioritize critical news, he spends 75% less time, but gets better quality information because his Feeds are tailored to his exact needs.
“Security news is massive in terms of the scope and the breadth it can go, because each industry has different news. Feedly will save you time and help you condense all of your news articles and news feeds into one place.”
Drew’s team is expanding with a new security hire soon. He plans to train the new team member on the monitoring foundation he’s set up with Feedly so he and his team can continue to efficiently monitor supply chain threats, alert clients, and get the information they need.
Streamline your threat intelligence in Feedly so you can focus on real threats and ignore the distractions.
How one cybersecurity analyst leveraged Feedly to proactively evaluate news around the breach and protect his company and their clients and stakeholder
An inside look at how the Airbus CyberSecurity team is using Feedly to monitor and share actionable insight
Back in 2020, it wasn’t hard to find information about the SolarWinds breach. In fact, the problem for cybersecurity analysts like Drew Gallis was the deafening noise of commentary about the breach. In a time of crisis, sites like New York Times and other editorial sources tend to drown out actionable technical information from security-specific sources.
“SolarWinds catapulted into this massive newsline of all these articles saying stuff with no technical insights.”
Drew Gallis, Cybersecurity Analyst, WillowTree
Drew is a cybersecurity analyst at WillowTree, a digital product consultancy with clients including HBO, Domino’s, Anheuser-Busch InBev, FOX Sports and Hilton. He’s part of a small security team responsible for incident response, incident remediation, reporting on security news, and securing web and mobile applications. Given the limited amount of time he has for monitoring threat intelligence, Drew needed a way to separate critical technical updates from useless news commentary around the SolarWinds attack.
“A lot of news organizations just point fingers at different companies, without actually providing any technical backing as to why they’re saying these things,” says Drew. He needed to find useful, actionable information he could leverage to equip his company with the facts they needed to protect themselves and their clients from breaches related to SolarWinds.
Drew and the cybersecurity team at WillowTree leaned heavily on their Feedly setup to monitor security news during the SolarWinds attack. In the article he published about the breach, Drew writes, “Feedly allows us to leverage and utilize Feedly AI, which can sort and aggregate our “feeds” by filters which narrows down on key indicators such as organization breaches, critical CVEs, vendor releases, system vulnerabilities, new security tooling, etc.”
“I used Feedly to find the real technical insights as to what happened during SolarWinds. So I could easily see IoCs and technical documentation as to how the attack was carried out.”
Drew used Feedly AI to quickly eliminate false information which was abundant on the topic, such as accusations of Russian-owned company TeamCity. He was also able to gather any indicators of compromise (IoCs) on the issue, such as logs, data, and statistics.
By gathering threat intelligence during the SolarWinds attack, Drew and his team were able to hand off actionable reports to developers and project managers to help WillowTree’s clients proactively protect against breaches. He says “I use Feedly to consolidate information and quickly generate actionable documentation and reports that we can then share with our clients. For SolarWinds, I was giving our clients indicators of compromise and different domains associated with the actual breach so they could better protect themselves.”
Drew uses the information he finds in Feedly to make sure he’s not only educating clients about indicators of compromise and proofs of concept related to SolarWinds, but also helping them protect themselves during future attacks.
“I use Feedly to consolidate information and quickly generate actionable documentation and reports that we can share with our clients”
WillowTree uses Feedly for Cybersecurity to separate the actionable insights from the noisy commentary. To learn more about using Feedly for threat intelligence, read the full case study about WillowTree’s setup.
Start a 30-day trial of Feedly for Cybersecurity and keep up with critical threat intelligence, without the noise.
Drew Gallis, analyst at WillowTree, leverages Feedly for Cybersecurity to track cyber threats across the company’s supply chain and protect client
An inside look at how the Airbus CyberSecurity team is using Feedly to monitor and share actionable insight
Curating relevant content for newsletters to inform recipients across the company
Spending less than 1 hour daily on Feedly to select relevant insights
Discovering and organizing open-source biopharma news in one place
This Feedly for Biopharma client has graciously allowed us to share their story on the condition of anonymity. Client names have been changed.
Sienna is a Knowledge and Insights Advisor at a top 10 pharmaceutical company in Australia. Sienna and her team are responsible for two main tasks: responding to specific, timely questions from doctors or researchers across the company, and proactively keeping employees up-to-date on industry developments or innovations.
Doctors and researchers might ask Sienna’s team whether a particular drug was ever linked to an adverse event, like “Has amoxycillin ever caused encephalitis?” Or they might answer questions about new drug delivery platforms, like “How do you get our large molecule drug inside the cell so that it can actually get to the target, where it will do the work of curing the disease?” For questions like these, Sienna and her team seek information to compile resource lists or reports.
The second part of the job is proactively keeping people across the company up to date on drug developments, political decisions, and any other industry developments or innovations. Sienna and her team send out 50 different newsletters about relevant biopharma news every week to 765 recipients, plus a daily COVID newsletter: “We try to keep people informed of the most interesting published research in their areas.”
For certain queries, Sienna and her team get their information from published literature in research journals, like PubMed. However, Sienna remembers how tricky things got when her team started getting requests for information about broader topics like drug innovations, regulatory decisions, political decisions, or industry updates. “Rather than being about a specific disease, we started getting asked about things like drug pricing, or the gene and cell therapy industry.” Sienna commented that it wasn’t easy to capture this type of news about “those more general areas where there is news, rather than just published literature.”
She set up some Google Alerts, and subscribed to emails from assorted websites, but it was messy. And if members of the team weren’t already experts in an area (like bioprocessing, for example), Sienna found it hard to know which sources to look at for relevant research.
Sienna and her team needed a way to track dozens of different topics and trends in biopharma at the same time from a large range of sources.
“Before using Feedly, we didn’t really know how to find ongoing news on these broader topics like drug pricing or the gene and cell therapy industry.”
Back in 2013, Sienna knew she needed an RSS reader replacement to gather industry updates. At the time, she was using a free, personal Feedly account to read comics in her spare time, and quickly realized she could use the same tool to keep up with the biopharma industry.
“I truly believe in the power of RSS. It makes Feedly a powerful one-stop shop for all our favorite web pages.”
Feedly AI reads through a pre-curated list of 3,000 top-tier biopharma publications: research journals, industry updates, regulatory news, PubMed, etc and surfaces content on the specific topics Sienna has selected.
Now, Sienna and her team use Feedly for Biopharma plus the power of AI to track and gather information across the topics they need.
Finding relevant insights about a specific molecule or drug used to be like finding a needle in a haystack. But with Feedly AI, Sienna can now easily discover hyper-specific information about the drugs and clinical trials they need to keep up with.
To replace noisy Google Alerts, Sienna created AI Feeds in Feedly, which allow her to track anything across the web (not just in sources she follows in Feedly), like specific genes, molecules, diseases, or clinical trials. Instead of skimming multiple email updates per day like she had to with Google Alerts, Sienna can refine her a AI Feeds for her specific needs and see results in a single Feed.
For example, Sienna created an AI Feed for bioprocessing, a topic she was unfamiliar with. By asking Feedly AI to find articles about bioprocessing across the web, she didn’t need to know what the best sources of information were, but she could still get relevant insights about the topic. And as she continues to familiarize herself with the topic, she’s able to refine her bioprocessing AI Feeds to get even better results.
“AI Feeds in Feedly allow me to be a lot more efficient than with Google Alerts. They’re a huge time saver: I get much fewer articles but all of them are relevant to my biopharma searches.”
AI Feeds like Sienna’s bioprocessing alert, allow her to keep track of news from sources she wouldn’t have found before. “And they’re so much less noisy than Google Alerts.”
For topics Sienna and her team are a bit more familiar with, they already know their favorite sources to seek out information: news sites, research publications, and industry publications. They added all of these sources to Feedly, and asked Feedly AI to prioritize must-reads about drug manufacturers, lists of specific drugs, or specific topics like CRISPR.
The team also adds Mute Filters to filter out the noise for certain topics. For example, in their Process Analytical Technology Innovation Feed, they’ve muted market reports, sports, and recreational drugs so they don’t get distracted by irrelevant results.
Since the team is already spending hours reading articles and saving them to Boards, they leverage their curation efforts with Like Boards. “We save things to boards to train Feedly AI,” explains Sienna. Like Boards are a niche feature that this team uses heavily. While we at Feedly pre-train Feedly AI on broad topics, Like Boards are an easy way for users to train Feedly AI to prioritize based on the content they’ve saved to Boards. Instead of surfacing articles about a specific topic, Feedly AI will find articles that share commonalities with what you’ve already saved.
When Sienna and her team create a Like Board Priority, Feedly AI learns the types of articles they save, and then prioritizes similar articles in their Feeds.
With the information they gather in Feedly, Sienna and her team spend less than an hour per day to assemble informative weekly newsletters for 765 recipients. And instead of fielding multiple emails and alerts, they enjoy the peace of mind of getting all their open-source biopharma intelligence in a single location inside Feedly.
By using AI Feeds, Priorities, and Like Boards inside Feedly, Sienna’s team can keep track of industry news and get insights from sources they might have missed with their limited time.
“If we didn’t have Feedly, we wouldn’t be able to capture the information in one place. We’d have to sign up for more email newsletters and then from there we’d have to go through the whole newsletter, whereas with Feedly you can go through one story at a time, all in one feed.”
Now that Sienna and her team have the information gathering process down to a science, she’s excited to explore other functionalities, like saving articles to Boards as a way of sharing with the team and broader company.
And beyond biopharma research? Sienna takes full advantage of the ability to save articles to personal boards, invisible to her team. She has a dedicated Board in Feedly for recipes
For more inspiration on using Feedly for personal use, see how one tech executive uses Feedly to fuel his passion project.
Feedly for Biopharma can help you research, prioritize, and share insights, without the overwhelm.
How experts in industry intelligence, cybersecurity, and biopharma created Leo Web Alerts to track key topics and trend
You can now track topics, companies, people, or events across any source. Here’s how
A cohesive, streamlined workflow for threat intelligence that saves hours every week
Increased customer satisfaction due to improved speed of intelligence
Real-time sharing makes it easy to instantly alert customers and collaborators
Chris Pickard, Cyber Threat Intelligence, and Adam Thomas, Vulnerability Analyst, lead the cyber threat intelligence (CTI) team at Airbus CyberSecurity in the UK. The team has since grown significantly, but just a few years ago they were a small team with painfully manual processes for gathering threat intelligence.
Chris remembers, “We had our favorite sites that we would go to stay on top of the latest trends and to monitor newly released vulnerabilities. It was a more time consuming process compared to how we do things now, and on reflection, it was less structured ” He adds, “We’d have all sorts of set places we would go to to get the news and to get the latest vulnerabilities. It worked but it could sometimes be a frustrating process.”
Before the CTI team enhanced their news gathering and vulnerability monitoring capability with Feedly, they collected information individually. The process is now much more collaborative, with each member of the team having access to and visibility of the Feedly platform. He adds, “We wanted a way of getting news to our customers much more quickly and to work together in a more streamlined way.”
Like many current Feedly for Cybersecurity teams, Chris had been using Feedly for personal use in the past. Once he and Adam discovered Feedly’s cybersecurity-specific features, they felt like they had found a cheat code for finding what matters and getting it to the right people, faster.
“We wanted a way of getting news to our customers more quickly and to work together in a more streamlined way.”
Chris Pickard, Cyber Threat Intelligence
Chris and Adam still needed to convince upper management to adopt Feedly for Cybersecurity. Chris says, “One of the obstacles we faced was to convince management of the benefits that Feedly would provide. From a management perspective they were already aware that the team were doing a good job, but the challenge we faced was to demonstrate the improvements Feedly would bring to the table”
After a few months of switching the manual process to a more streamlined intelligence workflow with a trial of Feedly for Cybersecurity, “It reached the point where our customers were giving positive feedback about how we were able to respond to the latest trends, while also keeping them informed of the news and our response to it. The efficiency of the new workflow really helped us promote Feedly within Airbus.” Internal management teams, other security teams, and their external customers noticed and appreciated the increased speed in which they were receiving threat intelligence.
“It reached the point where our customers were giving positive feedback about how we were able to respond to the latest trends, while also keeping them informed of the news and our response to it. The efficiency of the new workflow really helped us promote Feedly within Airbus.”
Chris Pickard, Cyber Threat Intelligence
Adam adds “The feedback that we received from the customers has already proven that Feedly was worth the investment.” He adds, “Once the customer reviews started backing up what we’d been saying all along, then there was no decision to be made, to be honest. It was easy to convince management to adopt Feedly from then on.”
At Feedly, we use Airbus CyberSecurity’s workflow as a model to teach other security teams to set up efficient, collaborative intelligence gathering processes using our platform. This is how they get actionable cybersecurity intelligence to their customers in a matter of minutes.
Chris and Adam ask Feedly AI to track anything related to critical vulnerabilities affecting them and their customers’ assets and products across the web (not just in the sources they follow in Feedly). They can then add the results of these AI Feeds to their Feedly account.
Then, using a portfolio of security sources they trust, Chris and Adam asked Feedly AI to prioritize anything related to their customers, including customer assets and products. With Priorities, Feedly AI reads all incoming information and surfaces the most relevant content, based on the specific parameters Chris and Adam set up. According to Chris, “We know that anything that’s triggering the Priorities is something we need to focus on. Instead of us having to hunt for actionable intelligence from different sources, we can just have a glance at the Priorities and go from there.”
With Feedly for Cybersecurity, Chris and Adam can see the CVSS score directly in their Feeds, which gives them more tools to share with customers. They can click into a CVE Card, to access all the information related to the CVE, access the severity of a vulnerability, and determine if it should be escalated to their team for further research without zig zagging across different tabs. If not provided by the National Vulnerability Database (NVD), Feedly AI will estimate the CVSS score and CWE attack type for each vulnerability.
“We can just look at Feedly AI’s prioritization and see what needs to be taken care of first,” says Chris. “It’s really helpful to see the top attackers and go from there.”
If they find a critical vulnerability about a customer’s supply chain, for example, Chris and Adam’s team need an easy and fast way to get it to the people who need to know.
The team initially had a solid workflow set up, and with a few tips from Remi on the Feedly customer success team, they made it even more streamlined. Remi says “The Airbus CyberSecurity team had developed a clever workaround with IFTTT to send articles to a list of six external customers.” But there was room for improvement, so “during one success session, we were able to tweak it a bit to send polished emails directly from the Feedly interface, without using a third-party tool as a workaround.”
Instead of connecting Feedly to email with an IFTTT integration in the middle, Remi showed Chris and Adam how they could actually send parts of an article directly to external email addresses using Notes.
To organize information to share with customers, Chris and Adam created one Team Board per customer. Team Boards are shared spaces to save articles, and can trigger other automations, like the Slack integration or an email. If Chris saves an article to a customer’s Board, it can immediately trigger a Slack message or an email notification to the customer. “I used to have to summarize gathered intelligence in an email and send it to customers. Now I can just attach relevant information to a Board and I can send it instantly to the people that need it.”
Notifications from Boards can be sent to anyone via email, whether or not they have a Feedly account. Chris and Adam send articles to analysts, CTO teams, or even the CEO. “Everyone sees these notifications straight away, and it’s just a really good way of getting it to them quicker.”
Apart from ad hoc alerts when relevant issues come up for customers, Chris and Adam also send out daily and weekly newsletters on topics of interest. They add any articles that customers might find interesting to a dedicated Board. They’ve configured the Board to automatically send a Newsletter, which is an automated roundup of recently added articles that can be sent at regular intervals.
The most noticeable impact of using Feedly? The stellar feedback the CTI team has received from both internal and external customers. Chris says, “Customers really love the speed that we are able to quickly get the news to them. As soon as something hits the news, like a critical vulnerability that affects them, we can notify them within minutes.”
Sending out regular news roundups is much easier, too. Chris says, “Team Newsletters have made the biggest difference for me because it’s saved so much time.”
By asking Feedly AI to track their customers’ assets and products both across the web and within their trusted security sources, Chris and Adam can feel confident they’re not missing anything, but they can also make sure they’re not wasting time on irrelevant news.
“I was amazed by the sheer amount of information Feedly brings in, and then how quickly that’s cut down to what’s relevant, I’ve not used a tool that has the same level of impact.”
“I was amazed by the sheer amount of information Feedly brings in, and then how quickly that’s cut down to what’s relevant, I’ve not used a tool that has the same level of impact.”
Adam Thomas, Vulnerability Analyst
The process is now much more collaborative, with each member of the team having access to and visibility of the Feedly platform, which avoids duplicate work. And avoiding duplicate work is like having an extra person on the team. Chris says, “The time saved has enabled us to put more resources into threat hunting, vulnerability research, and improving existing processes.”
Working together in a more cohesive way also gives the team the confidence that they’re collectively catching everything they need. Adam adds, “We know that once we put parameters into Feedly, it’s definitely doing its job and is capturing everything we need it to. And we’re not missing anything.”
“We know that once we put parameters into Feedly, it’s definitely doing its job and is capturing everything we need it to. And we’re not missing anything.”
Adam Thomas, Vulnerability Analyst
When it comes to threat intelligence with Feedly, the Airbus CyberSecurity CTI team is only just getting started. What’s next? Adding even more automation. Chris and Adam are looking to leverage Feedly’s API so they can integrate their intelligence gathering workflow with tools they’re already using, like MISP.
They’re also participating in the beta program of Feedly’s Indicators of Compromise feature, so they can quickly discover and collect malicious IoCs from security news sources, Twitter, and Reddit, and then easily export IoCs with context.
Stay tuned, the Airbus CyberSecurity CTI team is leading the way for efficient, collaborative, and effective threat intelligence.
Cut down the information overload to only the relevant news, so you can proactively alert customers or internal team members in minutes.
Drew Gallis, analyst at WillowTree, leverages Feedly for Cybersecurity to track cyber threats across the company’s supply chain and protect client
Leo recognizes IoCs mentioned in articles, and can gather them for yo
One Feedly Enterprise customer had come up with a clever trick to automatically email articles to a predefined group of 6 emails. It worked, but it was a little hacky.
For teams that need to send critical information as quickly as possible (like the cyber threat intelligence teams that use Feedly, for example), instant communication about threats, data breaches, or vulnerabilities is important. And copying and pasting content at scale can really slow you down.
Remi, Customer Success & Operations lead at Feedly, helped one team find an even simpler way for instantly sending articles to external recipients.
They needed to send news immediately to external customers, but the customers weren’t members of their Feedly account.
To avoid manually sending emails to customers each time a relevant article popped up, the team set up an IFTTT automation. It worked, but it was a little clunky:
And since the articles were sent from Feedly → Gmail → each recipient’s inbox, they weren’t the most visually pleasing.
Remi spotted an opportunity to make their lives easier, and helped simplify the workaround. It’s simple:
When you tag someone in the Notes section of an article, Feedly automatically sends an email to the recipient, and include the highlighted section in the body of the email. The look and feel of the email is a bit more polished than the Gmail workaround, and they don’t even have to click through to read the highlighted section of the article.
Easy enough so far, right? But what happens when you want to send articles to the same list of six or seven people? You definitely don’t want to have to type their email addresses every single time.
Here’s the fun part: you can use tools like TextExpander to create keyboard shortcuts for your predetermined lists of email addresses, and paste that directly into Feedly. For example, if I often send articles to the same 7 external clients, I can create a snippet to avoid typing out those 7 email addresses every time I want to share something with a group.
Then, if someone replies to the email, it will automatically get sent to the original sender’s inbox (and not some noreply address).
Try it out the next time you need to share a timely, relevant article. Happy reading!
Finding and collecting relevant indicators of compromise is critical to your security, but with millions of articles to sort through, discovering and collecting the right ones is a challenge. Even if you know where to look, IoCs can be easy to miss and tedious to upload to your threat intelligence platform.
This is why we’re excited to announce that now you can discover, collect, and export malicious IPs, domains, hashes, and URLs mentioned in your Feeds or across the web, because Feedly AI recognizes indicators of compromise.
We trained Feedly AI to understand, find, and even export IoCs, so that they are easier to find and prioritize. This feature is included with Feedly for Cybersecurity.
“Being able to track IoCs with Feedly has been very helpful, our team has been using the new feature every day to be on top of potential risks. Just today, Feedly AI was able to spot three IoCs in a long report I was reading although I hadn’t noticed them.”
Michelle Barro, Threat Intelligence Analyst at Verizon
Feedly AI recognizes malicious IPs, domains, hashes, and URLs within the text of articles, Tweets, or Reddit posts, and tags articles so you know how many and what type of IoCs appear in a given article.
When an article contains an IoC, Feedly AI will highlight it for you so it’s easy for you to find and confirm, even if it is buried in the text of a long article or threat intelligence report.
If the IoCs are relevant, you can export them to a markdown or STIX file that will include critical context such as the article link, malware, threat actor, CVE, product, and TTP information.
To track indicators of compromise from across the entire web, click the robot symbol on the left hand navigation menu, and navigate to the ‘Threat Intel” tab. Type “Indicators of Compromise,” then click “+ AND” to refine your AI Feed further if needed.
Now that I can use Feedly to track IoCs across the web, our process to upload new indicators to our environment is much faster and easier. Being able to track IoCs across millions of sources on the web helps us cover every base possible.”
Cybersecurity engineer at a leading Fortune 500 technology company
Feedly for Cybersecurity is an OSINT platform used by more than 100 cybersecurity teams globally to speed up their threat intelligence. See how Feedly can help you conduct threat research up to 70% faster by starting a free trial.
Let’s say you want to search for indicators of compromise related to a specific threat actor or malware. You can use AI Feeds to flag IoCs that match your query, even if the articles are from sources you don’t specifically follow.
The AI Feed shown in the example below will look for IoCs related to the Cobalt Strike malware family, making it easy to find what’s relevant, export it in seconds, and proactively monitor the web for future IoCs relevant to you.
When you open article(s) that contain IoCs you’d like to upload to your preferred threat intelligence platform, you can export them in either STIX or Markdown formats. This is a significant time saver in contrast to scrolling through the article and copying and pasting what you need.
Your export will also include the IoC context such as the original article link, related malware, threat actor, CVE, product, and TTP information. This makes it even easier to take action. Here is an example of a STIX export:
The Advanced Feedly for Cybersecurity plan includes up to 100,000 requests per month and the full power of the Feedly API. Any action a user is taking in the Feedly application can be performed via the Feedly API, including collecting IoCs. You can access instructions for doing so here.
You can use the Feedly API to aggregate indicators of compromise and their context (associated threat actors, malwares, vulnerabilities and TTPs) from recent articles in a Feed, and return a single STIX object with all of those components and their relationships.
To learn more about the power of the Feedly API or begin a trial or proof of context, click here.
It used to be particularly tedious to track the IoCs that are related to the critical UI CVEs or products my team has to be on top of. Now, with Feedly’s new IoC feature, I can track IoCs in a much faster and more visible way.”
Michael Rossi, Independent Security Consultant
Finally, if you need to search for a specific set of IoCs already published online, you can do this via Power Search. Power Search allows you to leverage Feedly AI’s knowledge graph within your existing Feeds or across the web, allowing you to get much more granular and accurate than standard web searches.
Click the “” icon in the left navigation menu to access the Power Search screen. From here, you can look for any articles that contain indicators of compromise. This is ideal when you need to track a malware family you haven’t tracked before, and want to quickly find known IoCs that are already available online.
The Indicators of Compromise feature, CVE dashboard, cyber attacks Smart Topic, and several more advanced features are included with Feedly for Cybersecurity. This enterprise package is perfect for cybersecurity teams that need to conduct open-source threat intelligence more efficiently. To learn more about any of these features, or start a free 30-day trial, click the link below.
Feedly for Cybersecurity is an OSINT platform used by more than 100 cybersecurity teams globally to speed up their threat intelligence. See how Feedly can help you conduct threat research up to 70% faster by starting a free trial.
This analyst team designed AI-powered security Feeds in Feedly that proactively alert them about specific topics, threats, and threat actor
Drew Gallis, analyst at WillowTree, leverages Feedly for Cybersecurity to track cyber threats across the company’s supply chain and protect client
Do you have a set of go-to-sources, boards, or AI Feeds you navigate to regularly? You can now use the heart icon to pin them to the top of the left navigation bar and access them more quickly.
If you were using the old favorites system, you should see a Favorites (Old) feed with the list of sources you added to your favorites. If you want to rename Favorites (Old) to a different name, please create a new feed and move the sources to that feed.
We are also adding a preference that allow you to use your first feed as your start page. This should allow you to continue to use your old favorites as your start page if that is your workflow.
However you choose to organize your Feedly, we want to make it easy to find what matters as fast as possible!
You already follow your favorite blogs, news sites, research journals, and more in Feedly. But when you come upon a site without an RSS option, what do you do? Manually opening separate tabs and remembering to check the RSS-less sites can get tedious and confusing. And some of the RSS builder tools out there can feel intimidating and complicated, especially if you already do all your reading and research inside Feedly.
That’s why we’re so excited to announce Feedly’s new RSS Builder. You can now create your own feeds for websites that don’t offer RSS and follow them in Feedly.
The RSS Builder feature solves one of the big problems our team used to have: they had trusted and favorite sources with no way to get in Feedly. Instead of having to look into multiple places like before, they can now follow all their favorite websites in one single place on Feedly!
Product Integration Manager, Feedly Enterprise User
When you try to follow a website that doesn’t offer RSS, you used to hit a dead end. Now, you’ll see the option to build your own RSS feed, and the RSS Builder will walk you through the simple steps to add a website without RSS to your Feedly.
First, choose the articles you want to get through RSS. When you open the RSS builder, you’ll get a preview of the web page. Scroll down the page, find the section of articles you’re interested in, and click on the articles you want to get in Feedly (such as the “latest posts” section of a company’s blog). Then, click ‘Build RSS feed.’ You’ll be prompted to add your new source to an existing Feed in Feedly. Add it to an existing Feed, or create a new Feed in which to organize your new source.
That’s it! You have officially built an RSS feed from scratch. Congrats.
Articles from this new source (that you’ve created with the RSS Builder) will now get sent to your Feedly regularly. This source will behave like any other source in Feedly. Feedly AI will find the topics in article, deduplicate articles, summarize articles, or mute topics you don’t want to get in Feedly.
Now that you’ve used the RSS Builder to bring these articles into Feedly, you can read, annotate, save, or share articles just like content from any other source. Add Notes or Highlights to your reading to come back to later, or save an article to a designated Board to keep articles on a certain topic. You can share through integrations with social media sharing platforms, email, or Zapier.
Feedly can become a place for all news sources I want, and I can select the sources of information in a more granular way instead of waiting for sources to have an RSS.
Daniel Lewis, COO, Winno
No RSS? No problem. Build your own RSS feed in Feedly for websites without RSS.
RSS stands for really simple syndication. When a website offers an RSS feed, it makes content available in a file format that an RSS feed reader (like Feedly) can use to fetch the content so you can read it in real time. Until now, when a website didn’t offer RSS feeds, Feedly was unable to aggregate content from this RSS-less website into your Feedly.
To create an RSS feed for a website without RSS, click on the ‘+’ button in the left navigation bar. In the ‘Websites’ tab, paste the website URL that you want to follow. You’ll automatically see the option to build an RSS feed. Click ‘Build RSS feed’ and follow the steps.
The RSS Builder is available for users on Pro+ or Enterprise plans. Try it out.
You can create up to 25 RSS feeds in the Pro+ plan and up to 100 RSS feeds in the Enterprise plan with the RSS Builder tool.
Yes, you can create the same logic on top of sources you’ve built with the RSS Builder as you would on any other type of source. Ask Feedly AI to mute models or keywords you don’t want to see in your Feed.
While we try our best to allow you to follow any sites with RSS Builder, these sites are currently not available to build RSS feeds:
1. Social media sites: Facebook, Instagram, TikTok, LinkedIn, Twitter (although you can get Tweets in Feedly with a Pro+ or Enterprise plan)
2. Websites that render content dynamically using JavaScript
3. Websites that don’t have links / URLs to fetch from
The RSS builder works best with sites that have an organized list of links, like a blog or list of articles. Sites that have a jumble of disorganized links (or no links on the page) aren’t easy to turn into RSS feeds. However, supporting this type of non-linear website changes is on our roadmap for the RSS Builder.
Right now, the RSS Builder is only available on Feedly’s web app. However, you can still build RSS feeds on the web, and read them in your mobile app.
Unfortunately, the RSS Builder doesn’t work in Safari at this time, because Safari blocks all script execution without allow-scripts. If you’re a Safari user, you can use a different browser (like Chrome) to build your RSS feeds, and then continue to read in Feedly in your normal browser.
Find even more answers to your RSS Builder questions in the Feedly Knowledge base, which we update regularly as the feature improves. And if you still need help, reach out to our customer support team. We’d love to help you out.
You can now track topics, companies, people, or events across any source. Here’s how
How experts in industry intelligence, cybersecurity, and biopharma created Leo Web Alerts to track key topics and trend
If you’ve popped into Feedly today, you might notice something’s…different.
We’ve introduced a new naming convention: RSS feeds and all the other streams of content you follow in Feedly (Twitter, Reddit, Newsletters) are feeds and the place you use to organize and group your feeds is a Folder.
This doesn’t change anything about how Feedly works, it just makes it a little easier to talk about how to organize everything you follow and read. Happy reading!
Picked up on trending vulnerabilities in Feedly before they were rated
Saved an hour each day with streamlined intelligence workflow
Consolidated the team’s research workflow, improved effectiveness, and reduced overwhelm
David Ortiz is the Chief Information Security Officer (CISO) of Church & Dwight, the company behind brands like ARM & HAMMER, Trojan, OxiClean, OraJel, and other products. As CISO, David’s primary focus is to oversee cybersecurity, IT Risk Management, data privacy operations, and manage risk to the company so he can keep leadership informed.
Unlike a threat intelligence analyst looking at the day-to-day intel and mitigation, David is concerned with the big-picture impact of cybersecurity on the business. “We don’t want to talk too much about the widgets and the tech, we want to talk more about the impact to the overall business.”
Every day, David looks out for indicators that there may have been a critical cyber attack somewhere in Church & Dwight’s supply chain. With that information, he can inform leadership of the business implications. Church & Dwight has a large provider network including contract manufacturers, manufacturers, vendors. The company needs to keep track of what’s happening across the entire supply chain to protect the business at all levels.
To stay in front of the news, David goes through a systematic news progression every morning before his team’s 9am scrum. He works his way through sources including:
Before using Feedly, he had to visit each one of these sites individually. Now, he says “It is a single place for my news progression. I can go through Feedly and see everything.” Instead of fielding emails from different sources, David gets his newsletters delivered to Feedly as well.
Feedly has saved me an hour a day. It is a single place for my news progression. I can go through Feedly and see everything”
David Ortiz, CISO, Church & Dwight
The week that the log4j vulnerability broke in December 2021, David’s news progression looked a little different than on a normal day.
“When I woke up on Friday morning, our managed security provider had already sent out advisories at 4am East Coast time. I saw that, and I had already gone into Feedly and started reading news and seen it breaking. We knew log4j was coming and used breaking news in conjunction with our vulnerability response activities.”
By the Saturday after the vulnerability broke, news started flooding in. David remembers, “I was looking for critical vulnerabilities and CVSS scores. That’s when Feedly started working its magic: We started to see the news propagate and get organized by Leo.”
“I was looking for critical vulnerabilities and CVSS scores. That’s when Feedly started working its magic: We started to see the news propagate and get organized by Leo”
Even before a CVSS score is assigned to a vulnerability, Leo estimates a score based on the machine learning models we use to prioritize CVEs. And as the story developed and it became clear that log4j was really four distinct vulnerabilities, Feedly helped show that they were trending. David explains, “When the other vulnerabilities were still at a low level — not yet elevated to a critical or high level — Feedly was telling me it was trending, which meant more people were talking about this and more articles were being published about it.”
When the other vulnerabilities were still at a low level – not yet elevated to a critical or high level — Feedly was telling me it was trending.”
David Ortiz, CISO, Church & Dwight
David was watching both Feedly and the National Vulnerability Database news to see if one specific vulnerability was going to trend and become a critical vulnerability. If it was identified as a critical vulnerability, that would dictate how Church & Dwight security teams respond to the vulnerability.
David adds, “Feedly helped me follow the vulnerabilities that weren’t yet rated. By looking at the trending vulnerabilities and estimated CVSS scores in Feedly, I could estimate that they would eventually get assigned a high or critical rating, which they did.”
David chose Feedly as his team’s open source threat intelligence tool for three main reasons:
David’s extremely conscious of the impact of information overload on his team, and designed his Feedly setup with that in mind. “Feedly is a common area to share data so that we’re not fatiguing one another with more news and more notifications.”
David strategically set up two main Team Newsletters to send automatically and summarize news, instead of sending one-off texts and Slack messages that would distract his team.
Instead of everyone on his team having separate, siloed security sources, David and his team use Feedly as the common area to share those trusted sources of data. This means everyone’s on the same page about threat intelligence and risk management, and the whole team benefits from having multiple smart cybersecurity minds working together.
Before adopting Feedly as his open source threat intelligence tool, David used to complete his daily “news progression” every day across various different sources. But now, he’s able to consolidate his intelligence in one place and streamline the process.
Beyond the feeds he organizes in Feedly, David checks the Threat Intelligence Dashboard daily. “It brings me information that I don’t have to go get on my own. Instead of having to manually trend or use other sources to trend, Feedly’s trending that for us.” David estimates that Feedly has saved him an hour each day, which means he can make more progress on Church & Dwight’s security roadmap and projects for risk reduction.
When there’s not a critical vulnerability front and center, David focuses on projects on the company’s security roadmap, including risk reduction and safeguarding data. “Feedly helps me stay in front of the news so I can help keep the company safe.”
And what’s next for David’s work with Feedly? David continues to work with his team in the process of gathering open source threat intelligence . He’s looking forward to the upcoming Customizable Newsletters feature (coming soon!) that will make it even easier to send advisories and customize them with internal knowledge.
Try Feedly for Threat Intelligence so you can gather open source intelligence and share insights with the people who need them, faster.
Many of the leading cyber security teams use Feedly to organize and automate their open-source threat intelligence and stay ahead of emerging threats. We have had the chance to research 100 of them and review their open-source threat intelligence best practices.
In this article, we will share how they translate their intelligence needs into various types of feeds and how they structure those feeds into a highly functional Feedly account.
Most cybersecurity professionals start their day in the Threat Intelligence Dashboard. It offers a broad overview of the emerging threat landscape: trending cybersecurity articles and attacks, new critical vulnerabilities, active attackers, new behaviors, and malware families, so it’s easy to get a sense of what’s going on in just a few minutes.
Here’s a brief overview of each section:
The most effective way to track critical vulnerabilities and zero-days across the web is with Feedly AI. Feedly AI has been pre-trained to understand vulnerabilities and assess their severity. It reads millions of articles every day, looking for critical security threats.
When Feedly AI finds a CVE, it automatically searches for its CVSS score, related exploits and malware families, links to threat actors, CWE information, and patches. It then organizes all this information into a rich CVE insights card.
If the CVE doesn’t have a CVSS score yet, Feedly AI uses machine learning to predict the CVSS score, keeping you one step ahead of the latest emerging threats.
Creating a broad (Feedly) AI Feed targeting all critical vulnerabilities gives you a big picture view of what is happening across the threat landscape, while adding specific vendors to the search narrows the focus into more precise and manageable feeds.
Cybersecurity teams often create an AI Feed for each of the main products deployed in their environment and group them into a Vulnerabilities folder.
One way cybersecurity teams track and visualize the behaviors of specific Threat Actors and Malware Families is by using Feedly’s integration with the Mitre ATT&CK framework. Feedly AI has been pre-trained to understand threat actors (integration with Malpedia), Mitre ATT&CK (version 10), and the model of threat intelligence reports. These three models can be easily combined to track the behavior of selected adversaries.
Here is an example of an AI Feed surfacing all the threat intelligence reports mentioning the Lazarus Group threat actor:
Cybersecurity teams often create an AI Feed for each of the threat actors and malware families defined on their threat profiling list and group them into a “Threat Intel” folder.
When Feedly AI finds an article in which it has identified TTPs, it can map the content of that article to the ATT&CK navigator so that cybersecurity teams can easily analyze the adversary behavior and compare it with their existing defenses.
Feedly AI also automatically flags all the malicious IPs, hashes, domains, and URLs (IoCs) it identifies in articles so that they can easily be exported with links to threat actors, malware families, and vulnerabilities using STIX 2.1 and imported into Threat Intelligence Platforms (TIP).
Security teams can efficiently track cyber attacks targeting their industry or supply chain. Feedly AI has been pre-trained to understand the concept of a cyber attack and who the target of the attack is. Here is an example of how a cybersecurity professional might ask Feedly AI to track all the cyber attacks targeted at the finance industry.
The focus can also be narrowed down to more specific threats like “data breaches impacting credit cards” or “cyber attacks using multi-factor authentication”
Feedly allows cybersecurity teams to follow a wide variety of trusted feeds all in one place, including websites and blogs, newsletters, Reddit communities, and Twitter accounts, searches, and hashtags. The teams that get the most out of Feedly turn it into their one-stop intelligence center so they can share common sources in one place. They end up saving hours each week because they’re no longer sharing articles ad-hoc across email, Slack, and other messaging platforms.
When an article of importance surfaces, Feedly provides the tools to annotate, highlight, add notes, and save the article to a Board for review later. When an article is saved to a Team Board, Feedly for Threat Intelligence users have additional options to auto-generate Newsletters, share with Slack or Microsoft Teams, or use Feedly’s Rest API to integrate into an existing workflow.
Here are a few examples of Team Boards that have helped cybersecurity teams stay organized:
All of these features, plus many more, are available as a part of Feedly for Threat Intelligence. To learn more about any of these features, or start a free 30-day trial, click the link below.
Leo recognizes IoCs mentioned in articles, and can gather them for yo
An inside look at how the Airbus CyberSecurity team is using Feedly to monitor and share actionable insight
Looking to monitor a specific CVE ID? Previously, you had to type in the exact CVE ID and be sure it was the right number. Now, Feedly AI autocompletes the CVE ID and shows you the description of the vulnerability, so you can be sure you’re tracking the right one.
This is a small improvement to the UI that makes it much easier for you to quickly track a CVE (instead of entering the ID manually) and to make sure you’re tracking the right CVE.
The more high profile a CVE becomes, the more likely threat actors will develop exploits for it. You can keep an eye on a trending vulnerability by simply creating an AI Feed and adding it to your “Trending vulnerabilities” Folder, for example.
When it’s taking a while to apply a security patch, you want to keep an eye on the tactics used to exploit the vulnerability. Create an AI Feed for the CVE ID and the model “Cyber Attacks” and Feedly AI will look for attacks or exploitation attempts related to the specific CVE.
Then, you and your team can use this information about available exploits to prioritize which vulnerabilities to patch. You can also update the AI Feeds to add more CVEs if needed, like when a vulnerability has multiple IDs associated with it.
Tracking, gathering and ingesting indicators of compromise is a great way to proactively hunt for signs of an attack on your environment. Since Feedly AI allows you to gather and export IoCs from multiple sources (including articles, Twitter, Reddit, and emails), you can create an AI Feed to track a specific CVE ID and the “Indicators of Compromise” AI Model.
Once you create an AI Feed for IoCs related to the specific CVE you’re tracking you can easily export the resulting IoCs with context and add them to your own security environment.
Gather intelligence others have curated by adding the “Threat Intelligence Report” AI Model to your Web Alert. When you combine the CVE ID with the Threat Intelligence Report AI Model, you’ll get Threat Intel Reports mentioning the CVE.
And if you want to get all angles of a CVE, you can combine all of these models into a single AI Feed. Just track the specific CVE ID and add other AI Models like Indicators of Compromise, Threat Intelligence Reports, and Cyber Attacks.
And don’t forget — to get a complete overview of a specific CVE in the moment, you can also click on the CVE ID and open up the CVE Insights Card. You’ll find an at-a-glance overview of exploits, malware families, and related threat actors in a single view.
Not a member of the Feedly for Threat Intelligence community yet? Try a free 30 day trial and speed up your discovery and research of emerging threats.
How to structure your Feedly for Threat Intelligence account to optimize your open source threat intelligenc
Contextualized CVE information for faster threat research, without the overwhel
The core of Feedly for Threat Intelligence is an AI engine, that automatically gathers, analyzes, and prioritizes intelligence from millions of sources in real-time.
In this article, we’ll show you how to use AI Models to:
Before we look at those four use cases, let’s start with a short overview of how Feedly AI works.
Feedly AI reads millions of articles, reports, and social media posts every day and automatically tags key threat intelligence concepts: critical vulnerabilities, malware families, threat actors, indicators of compromise, ATT&CK techniques, companies, vendors, industries, etc.
All this information is at your fingertips in near real-time via a powerful and intuitive search and tracking interface called (Feedly) AI Feeds.
Curious how it works? Let’s take a look at an AI Feed designed to track critical vulnerabilities and zero-days related to Cisco Systems:
Creating an AI Feed is a three-step process:
With AI Feeds, you can add to a team or personal folder. New articles, reports, or social media posts matching the specified AI Models will appear in the AI Feeds.
The power of AI Feeds is that ‘High Vulnerability’ and ‘Cisco Systems’ are not simple keyword matches. These AI Models are machine learning models that encapsulate a broader understanding of each concept:
Without AI Models, gathering intelligence would require a tedious effort of trying to find a long list of the right keywords, leaving room for blind spots and lots of irrelevant results.
Feedly for Threat Intelligence comes with a wide range of pre-trained AI Models so that you can easily translate your intelligence needs into AI Feeds.
Let’s see how we can combine these AI Models to proactively track specific threats and stay one step ahead of your adversaries.
Tracking the behavior of threat actors and malware families can be tedious and overwhelming, taking up valuable time that could be spent hunting for malicious activity in your environment.
That’s why Feedly has created a set of AI Models that automatically tag threat actors, malware families, TTPs, and IoCs.
Let’s take a look at an AI Feed designed to track the latest IoCs and TTPs related to Lazarus Group across threat intelligence reports published on the web:
Here are some additional AI Models you can use to broaden or narrow your threat profiling:
Staying up to date with the latest attacks against your industry can help you be better prepared when putting defenses in place, as well as help you learn about which threat actors to look out for so you can be more targeted when gathering intelligence.
Let’s take a look at an AI Feed designed to gather intelligence about cyber attacks in the finance industry:
You can also easily narrow your focus on a specific type of attack:
Manually keeping ahead of new vulnerabilities and zero-days is an impossible task, but you can set up AI Feeds to help you stay up to date on new vulnerabilities that come across the radar of the global cybersecurity community.
Feedly aggregates vulnerability information from NVD and over 20 vendor advisory sites — as well as monitoring many sources to find exploits for each CVE — in near real-time.
Let’s take a look at an AI Feed designed to surface critical vulnerabilities and zero-days related to a vendor deployed in your environment:
When you discover a new CVE, you can use the CVE insights card to get a 360 degree view of that vulnerability and decide if you should create a ticket for your response team.
You can also use AI Feeds to track niche cybersecurity topics.
Let’s take a look at an AI Feed designed to gather intelligence about malicious, compromised, or hijacked packages:
Here are some additional AI Models you can use to track niche cybersecurity topics:
The world’s leading cybersecurity teams use Feedly for their OSINT, so the product constantly improves based on their feedback.
Here is a roadmap of some of the new AI Models we are researching:
Feedly for Threat Intelligence customers can reach out to us at enterprise@feedly.com to give feedback on improving existing AI Models or creating new ones to ensure that Feedly is working at full capacity to serve your Threat Intelligence needs.
All of these features, plus many more, are available as a part of Feedly for Threat Intelligence. To learn more about any of these features, or start a free 30-day trial, click the link below.
The core of Feedly for Market Intelligence is an AI engine, that automatically gathers, analyzes, and prioritizes intelligence from millions of sources in real-time.
In this article, we’ll show you how to use Feedly AI to:
Before we look at those four examples, let’s start with a short overview of how Feedly AI works.
Feedly AI reads millions of articles, reports, and social media posts to determine if they are relevant to the topics you want to track.
All this information is at your fingertips in near real-time via a powerful search and tracking interface called AI Feeds.
To understand how this works, let’s review an AI Feed designed to track Amazon’s recent product launches:
Creating a (Feedly) AI Feed is a three-step process:
With (Feedly) AI Feeds, you can add to a team or personal Folder. New articles, reports, or social media posts that match the specified AI Models will appear in the AI Feeds.
The power of (Feedly) AI Feeds is that Amazon and Product Launches are not simple keyword matches. These AI Models are machine learning models that encapsulate a broader understanding of each concept.
Without AI Models, finding the right information would require manually updating a long list of keywords, leaving room for human error and irrelevant results.
Feedly for Market Intelligence comes with a wide range of pre-trained AI Models so that you can easily translate your intelligence needs into AI Feeds.
Let’s examine how to combine these AI Models to build a strong market intelligence engine.
Tracking the strategic moves of your competitors can be tedious and overwhelming. That’s why Feedly has created Company AI Models, which tracks competitor decisions and actions using Artificial Intelligence, saving your team hundreds of hours.
Let’s take a look at an AI Feed designed to track all the latest updates about Apple:
You can use Strategic Move AI Models to refine your competitive research to only the most relevant updates, such as Product Launches, New Patents, and Partnerships.
Let’s take a look at an AI Feed designed to track Apple’s newest patents and tech innovations:
Here are some additional AI Models you can use to refine your competitive research:
Manually tracking consumer behaviors often feels like searching for a needle in a haystack. That’s why we built the Consumer Insights AI Model, which surfaces articles that mention behavioral statistics and consumer data most relevant to you.
Let’s take a look at an AI Feed designed to track Consumer Insights related to Sustainability:
Market Intelligence teams leverage Feedly AI to make their tech innovation research 70% faster. Technology AI Models intelligently scan for a range of new technologies, such as Augmented Reality, Crypto, and Quantum Computing.
Let’s take a look at an AI Feed designed to track updates about Crypto and Digital Wallets:
Keeping up with business development opportunities helps your company stay competitive in your industry. AI Feeds allow you to identify and act on key market opportunities as they arise.
Let’s take a look at an AI Feed designed to gather intelligence about companies that have recently raised funds in the finance industry:
The world’s leading Market Intelligence teams use Feedly to stay competitive, so the product constantly improves based on their feedback.
Here is the roadmap for some new AI Models we are researching for our Market Intelligence customers:
Feedly for Market Intelligence customers can reach out to enterprise@feedly.com to share feedback on existing AI Models or suggestions for new AI Models. We value our community’s input, as this ensures Feedly is working at full capacity to serve your Market Intelligence needs.
All of these features, plus many more, are available as a part of Feedly for Market Intelligence. To learn more or to start a free 30-day trial, click the link below.