Noticias em eLiteracias

🔒
❌ Sobre o FreshRSS
Há novos artigos disponíveis, clique para atualizar a página.
Antes de ontemFeedly Blog

Research critical vulnerabilities with Leo CVE Intelligence Cards

Por Sarah Hartland
Contextualized CVE information for faster threat research, without the overwhelm

Cyber attacks are increasing in volume and sophistication across every industry and category, leaving threat analysts and frontline security teams faced with a flood of information. The consequences of missing critical information are astronomical, but no human can keep up with this onslaught of data on their own. 

You need relevant, real-time, accurate information – and scrolling through an endless list of sources won’t get you there. That’s why we’re excited to announce that Leo, your AI research assistant, now aggregates information on vulnerabilities, exploits, malware families, and threat actors into a single view so that he can help you proactively track and research CVEs. 

Leo CVE Intelligence Cards gives you at-a-glance visibility into relevant trending vulnerabilities, and you can use Leo to focus any of your feeds for faster insight into risks impacting your business’s software, hardware, and application stack. 

Information overload is real. This is why we enhanced Leo’s cybersecurity knowledge graph so  he can help you proactively track and research critical vulnerabilities and zero-day exploits relevant to you

With Leo, you can prioritize the CVEs that impact your organization’s technology stack and reduce the time it takes to investigate threats by up to 70%. All of this information is available at a glance via Leo CVE Intelligence Cards and throughout your Feeds.

Before using Feedly for Cybersecurity, my biggest challenge was to quickly sort through all the data to find the top CVEs by mention, and track their relationships with exploits, patches, etc. It would take a lot of work to search through unstructured text and large bulk files. With Leo, it’s so much easier to quickly review details of a CVE and its associated relationships.

Michael Rossi, Independent Security Consultant, Cybeta

Leo CVE Intelligence Cards: a complete CVE overview in a glimpse 

If you want to dive deeper into a CVE, exploit, or threat, Leo synthesizes vulnerability, patch, exploit/PoC, malware, and threat actor information into a single CVE Card. Leo eliminates the time you used to spend opening a new browser tab, searching, browsing for the resource you want, and skimming everything individually to find what mattered.

Instead of having dozens of research tabs open in your browser, Leo CVE Intelligence Cards consolidate the information into a single location where you have at-a-glance views of:

  • CVSS score and vector string 
  • CWE
  • Affected systems, including vendor advisories
  • Exploit information
  • Patches
  • Associated malware families
  • Associated threat actors
  • Awareness graph
  • Number of Web and Social Media mentions, including Twitter and Reddit

For new vulnerabilities that don’t have a CVSS assigned yet, Leo uses a proprietary NLP model based on the CVSS v3 methodology to forecast this score. This way, you can spot new threats and take proactive steps in real-time.

Color-coding helps you make quick decisions about the next steps in your investigation. The darker the color on the Awareness graph, the more people are talking about the CVE across the web.

Get complete CVE overviews in a glimpse.

Leo provides links to all the external resources you need to investigate the CVE, so  you can more rapidly respond to threats and improve important cybersecurity metrics like mean time to detection (MTTD), mean time to investigate (MTTI), and mean time to remediate (MTTR). 

Dig deeper, faster, to determine if a specific vulnerability represents a critical risk for your organization based on its technology stack to decide whether to flag the intel and share it with the rest of your team.

For example, you can click on “Affected System” or “Patched” to go directly to those sources like the National Institute of Standards and Technology (NIST) National Vulnerability Database or websites with patches for remediation purposes. 

Click elements on the dashboard for more context and source material.

Before using Feedly for Cybersecurity, it was hard to prioritize which vulnerabilities were more important at a glance and determine if they applied to our networks. Now that we use Leo, we have been saving so much time, it’s much appreciated!

– Feedly for Cybersecurity Customer

Leo can surface relevant critical vulnerabilities across your Feeds

In addition to his interactive CVE Cards, Leo also prioritizes the most recent and talked about CVEs, right on your Today page. Simply click on a CVE name to see the dashboard complete with the information necessary for critical decision-making.

Leo knows cybersecurity because we taught him about CVE, CVSS, exploits, patches, threat actors, and other security intelligence concepts. Leo summarizes the information from various resources including NVD, vendor advisories, blogs, Twitter, and Reddit so you don’t have to check each location, sifting through posts unrelated to the CVE you care about.

The Trending in Cybersecurity dashboard showcases the top 5 trending vulnerabilities.

You can add new Leo Priorities on top of your current feed to add contextual business risk. For example, if your technology stack includes Oracle, Adobe, and Google Chrome, but not Samba, you can refine Leo’s priorities so you only see what’s relevant to your organization. 

Train Leo to prioritize vulnerabilities based on CVSS score to increase the relevance of your feed. Leo can flag risks related to your organization’s unique technology stack so you can out pace attackers.

You can start by training Leo to surface CVE’s based on Qualitative Severity Rating Scale — choose our preset for “high” or specify the CVSS scores to build your organization’s context into what you see.

Training Leo by using “HIGH” in combination with either products or vulnerability types personalizes your feed based on your organization’s unique needs. This lets you focus on the risks specific to your organization, weeding out the information you don’t need.

Surface the critical (CVSS > 8 or CVSS > 5 and exploit) vulnerabilities related to Oracle, Adobe, and Chrome.

All of these features, plus several more, are available as a part of Feedly for Cybersecurity. This package of Leo skills, enterprise features, and advanced knowledge graph access is perfect for cybersecurity teams that need to reduce noise and quickly identify risks. To learn more about any of these features, or start a free 30-day trial, click the link below. 

Try Feedly for Cybersecurity

Save time researching CVEs so you can spend more time securing them.

Start 30 Day Trial

💾

How an Australian energy provider stays on top of critical cyber threats with Feedly

Por Annie Bacher
Case Study
This analyst team designed AI-powered security Feeds in Feedly that proactively alert them about specific topics, threats, and threat actors
Impact
box icon

Discovered a supply chain data breach a week before the public announcement

chart icon

Able to monitor hundreds of suppliers for breaches

target icon

Detected a critical vulnerability within 2 hours of its release and patched it immediately

This Feedly for Cybersecurity client has graciously allowed us to share their story on the condition of anonymity. Client names have been changed.

THE CUSTOMER
This energy provider “helps keep the lights on for customers”

Started using Feedly Cybersecurity: 2020

This Feedly client plays a critical role across the Australian energy sector. In tandem with other market players, they help protect Australia’s national energy supply from cyber attacks. “We help keep the lights on for customers,” says Joe, Cybersecurity Threat Analyst.

THE CHALLENGE
Cybersecurity threat intelligence at human speed is no longer sustainable

The onslaught of information

The world of cyber threat tracking runs on a different clock than human speed. The firehose of cyber news makes it hard for our client’s security analysts to find the signal through the noise. Analysts like Joe and his team struggled to keep up with the onslaught of information. Joe used to manage his own personal spreadsheet of 350 sources of information, which he ranked by tiers based on how trusted they were. But the amount of screen time required to keep up with incoming information and identify trends was unsustainable. “The cyber world is like drinking from a firehose in terms of the information we see,” says Joe.

There’s this concept of cyber time. Last week’s issue is like three years ago. We’re so swamped with information, we don’t have time to dive deep on a lot of stuff.”

– Joe, Cybersecurity Threat Analyst

Ever-changing types of attacks and attackers

As cyber threats and ransomware crews become increasingly sophisticated, the human ability to monitor the cyber threat landscape falls behind. No matter how knowledgeable you are, cybersecurity at human speed can’t keep up with ransomware crews using increasingly complex software to manage their operations. 

For companies like this energy provider, the stakes are high. “If they encrypt our environment, we can’t supply energy to customers,” says Joe. 

A data breach of even the smallest of our client’s vendors could put them at risk, so Joe and his team needed a way to keep an eye on even the smallest of breaches. 

THE SOLUTION
Using AI to flag specific cyber attacks, threats, and vulnerabilities

The analyst team at this company needed better tools to help leverage their time and attention and stop doing manual research. Joe’s team had been using Feedly to aggregate information for years. But when his boss, Oliver, Cyber Security Manager, found out that Feedly’s cybersecurity-specific plan could use AI to flag cyber attacks, threats, and vulnerabilities, they knew they had to try it. 

Organizing their security sources into focused Feeds 

Oliver created Feeds around three main focus areas: renewable energy sources + cybersecurity, critical vulnerabilities, and supply chain threats. 

The team selected sources of information they trusted to track cybersecurity news. Not all articles from their trusted sources concern the energy sector. To filter out cybersecurity news unrelated to the energy sector, they configured Feedly AI to flag articles about the specific areas they care about.

“Before using Feedly AI, we had very generic Feeds. We were just looking for energy and cybersecurity news in our region. But over time, I’ve been able to nuance our requirements over supply chain attacks, like Solar Winds.”

Tracking ransomware in the energy space

For example, the analyst team has always tracked news at the intersection of cybersecurity and the energy sector. But once they started using Feedly for Cybersecurity, they created an AI Feed to flag articles that cover ransomware in the energy industry.

The team created an AI Feed to flag articles about ransomware and the energy industry.

Tracking supply chain attacks

“We were concerned about the supply chain risk for our company,” says Joe. “We talked to our internal procurement team to really understand our top 30 providers, with whom we spend millions of dollars.”

To track supply chain risks, the team selected the exact vendors they work with and created a personalized stream of intelligence to track risks coming from their supply chain. “We were able to turn the list of our top partners into an AI Feed and ask him to flag cyber attacks targeting those partners,” explains Joe. 

The analyst team used the “Feedly Company Lists” feature to track a list of 650 suppliers — from Microsoft to small law offices. Feedly AI now flags articles about cyber attacks on those companies.  

With an AI Feed n place, Feedly AI flags articles about data breaches related to any of the company’s suppliers, so they’ll know when one of the companies in their supply chain is breached or attacked. Feedly AI recognizes most of these names as companies, so he can differentiate if an attack is about Amazon (company) vs. Amazon (the river), for example.

Pushing articles to Slack to share with the local intelligence community 

Beyond their internal intelligence team, Joe and Oliver share information across several platforms with peer organizations cybersecurity teams around the globe. 

When members of Joe’s team save articles to the “Attacks in Energy Sector” Board, they automatically get pushed to a designated channel in Slack.

Joe and Oliver add critical articles to a specific Feedly Board. They’ve connected the Board to the collaboration platforms, so when Joe or his teammates add articles to the Board, their security community will automatically see critical updates. 

The analyst team can add Notes when they save articles to their “Attacks in Energy Sector” Board, and those notes will show up in the designated Slack channel.

THE RESULTS
Staying ahead of the curve

In October 2020, thanks to the work Joe had done to create AI Feeds based on their top 30 suppliers, his team proactively identified a data breach from one of their vendors. 

“Thanks to my supply chain AI Feed in Feedly, we identified that one of our vendors had been breached a week before the company actually officially told us.”

This proactive alerting allowed Joe’s team to inform procurement areas and monitor leak sites to see if any sensitive material had been published. Luckily none had been released, and the issue eventually went away.

In March 2021, Joe checked his Feedly in the morning as usual, and found an F5 breach within two hours of the breach itself. “I was sitting at my desk, and I saw the F5 vulnerability pop up in Feedly. I pushed it out to management, and then there was a massive effort to patch that problem within two days, which was awesome.” 

I was sitting at my desk, and I saw the F5 vulnerability pop up in Feedly. I pushed it out to management, and then there was a massive effort to patch that problem within two days, which was awesome.”

Avoiding information overload

When a vulnerability is exposed, “information overload goes up — you can see how the malware reporting goes up associated with that particular vulnerability” says Joe. In response to an exposed vulnerability, there’s a corresponding increase in exploits. That’s where Feedly comes in. Instead of wading through pages of articles about vulnerabilities and exploits that don’t concern his company, Joe can use Feedly AI to surface vulnerabilities and exploits relevant to them.

“And that’s the power of Feedly. Using the smarts, intelligence, and Feedly AI’s natural language processing to align vulnerabilities with exploits. What pops out at the end is what you need to know, what you need to take action on. Not the noise.”

What’s next: expanding the supply chain tracking 

In late 2020, the analyst team discovered that a smaller supplier was attacked after using a tool with an unpatched vulnerability. Criminals were able to steal data through a File Transfer tool. Our client was spending a relatively small amount of money with this company, so they weren’t on their list of top 30 suppliers, but this made Joe and his team realize they needed to expand their supply chain tracking in Feedly. 

The more they personalize their Feeds with help from Feedly AI, the more our client’s security analysts can stay focused on the real threats. As Joe trusts Feedly more and more, he can focus on the high level analysis, and rely on Feedly AI ‘s natural language processing to do the tedious work for him. 

Joe is excited for the possibilities to get even more proactive with upcoming Feedly features. In addition to their supply chain tracking project, the analyst team plans to use the Feedly API to push alerts directly to their internal intelligence platform, which will make it even easier to focus on threats.

From a proactive monitoring perspective, the power of using Feedly is to actually inform you of breaches before anyone else knows.”

More proactive threat intelligence. Less noise.

Streamline your threat intelligence in Feedly so you can focus on real threats and ignore the distractions.

start 30 day trial

Leo’s Vendor Advisory Integrations for Cybersecurity Teams

Por Sarah Hartland
What's New
Leo is now integrated with 15 vendor advisories, giving you real-time access to relevant CVE and CVSS information, directly in your feed.

TRanscript
New Leo CVE Skill – Vendor Advisory Integrations

“Hi folks, this is Remi from Feedly. I wanted to share with you the latest updates on the Leo cybersecurity skills, which has to do with vendor advisory integration. Very exciting one.

The premise for this is that we’ve heard from a lot of our customers that connecting Leo’s knowledge graph directly to vendor advisory sites would be highly beneficial to get updates on CVEs faster, basically immediately as they get published on those vendor sites.

So we built it as you can see, we started integration with the most prominent vendor sites, as you can see here. So we’ve got our Microsoft, Oracle, Cisco if you have any vendor of choice that is not in this list, please let us know because we’re continuously adding more vendor sites to to the knowledge graph. Your feedback is important and will be taken into consideration.

To show you what that looks like, if you take a look at your Today page and your CVE dashboard and your trending vulnerabilities on the right hand side, you can zoom in to this latest vulnerability for Microsoft from a couple of days ago. Click on the CVSS score, which just normally just opens up the NVD page for that vulnerability, you can see that at the NVD level, this is still under undergoing analysis. And there isn’t much detail about it yet on the Phoebe side of things.

Thanks to Leo, you still have all of the elements that appear over here, as well as your usual reference articles and all the chatter around that particular CVE. This is because Leo is picking up that information directly from the Microsoft site and makes all of these updates again, almost in real time. So the outcome of this is that you can really be aware of what’s happening around these critical vulnerabilities sooner without having to go individually to all these other sites and looking up IDs.”

Which vendor advisories does Leo integrate with already?

Tenable, Mozilla, Google Android, Microsoft MSRC, Cisa, Google Chrome, F5, Cisco, Apple, Redhat, zdi, CERT/CC, Oracle, Rapid7, Palo Alto Networks, Dell, Adobe, Apache, Checkpoint, IBM, Siemens, Juniper, Jenkins, OpenVPN AS, Apache Tomcat, ElasticSearch, Google Cloud, NGINX, Haproxy, SAP, CNA vendors NVD, ISC, Netapp, Atlassian

I don’t see a vendor advisory I need on this list – can you add it?

Yes! Contact your Customer Success Manager and we are happy to connect additional vendor advisories for you.

How one tech exec used Feedly to power his passion project

Por Sarah Hartland
Case Study
Steve Makofsky shares how Feedly has become part of his newsletter creation workflow

When the world went into lockdown back in March 2020, Steve Makofsky, like many of us, was feeling a little restless. 

Steve, a long-time tech executive (Disney, Nike), is an engineer with a passion for streamlining his workflow and feeding his mind. Could he find a quarantine project that allowed him to do both while keeping up with his insane to-do list? With a little ingenuity (and the help of Feedly), the answer turned out to be yes. 

Searching for a signal in a sea of noise 

Back in the day Steve, a tech old-timer, stayed up to date via blogs. As a reader he found it easy to discover interesting new perspectives simply by checking the blog rolls of his favorite writers and visiting the sites they recommended. As the author of a couple of books on programming he also blogged himself to drive interest towards his work. 

But as the Internet evolved, Steve found less and less value in blogs. He still dug around online for useful takes and fresh voices, but it felt a whole lot harder to find them. “Something has been lost in blogging,” he says. “I found discovery of similar content to what I like, or maybe opposing views to challenge some of my ideas, has been a real struggle.” 

As a service to a small group of friends and colleagues facing similar challenges, Steve began sending out an ‘annual report’ listing resources they might find interesting. He often received grateful notes in reply. Then, coronavirus struck and Steve found himself with time on his hands. He wondered if he couldn’t supercharge his ‘annual report,’ turning it into a weekly newsletter offering links to great resources from around the web. 

Squeezing a passion project into a jam-packed schedule 

Steve has an extremely busy day job, which means he needed to find an efficient way to discover and process content for his new passion project. Enter Feedly, stage right. He began supplementing his existing feeds with content he discovered using Feedly AI, as well as scouring Twitter and Reddit for interesting sources. 

He also subscribed to a number of Substack newsletters, which he’s happy to aggregate with the rest of his content via Feedly, sparing his inbox further clutter. “I’m glad I don’t have 83 things hit my inbox every day anymore,” he laughs. Steve then uses Feedly to sort all these insights into topical feeds like ‘Mind Changers’ (for writers that often shift his perspective) and ‘Workflow’ (for time-saving tips). (You can read a deeper diver into his aggregation process here.)  

It’s an incoming river of content, but Steve has designed a streamlined system for winnowing it down to just the ten or so links he includes in his weekly newsletter

“Every two or three days, I have a reminder to clean out my to-read list. I carve out 30 minutes in the evening to read some stuff. By the end of the week, I end up with 30 or 40 tagged items. I spend Friday night really going through them, getting the pulse of what I want to talk about, and limiting them down to ten,” he explains. 

A bit of clever automation Steve built allows him to export his top links, along with their headlines, into a template. After another 30 minutes of summarizing and polishing, he’s ready to hit send on his weekly newsletter of suggested links. 

Steve’s blog, ‘Makoism’

Add Steve’s blog to your Feedly!

Click here to follow Steve’s blog, right from your Feedly account.

Follow steve

Sorry, sourdough

All together that adds up to no more than a few hours a week for Steve’s newsletter side project, but he’s seen sizable benefits from this modest investment of time. First, recipients seem genuinely appreciative. “Oddly enough, it is gathering an audience,” he says of his weekly updates. “I did not expect that. I just write pretty authentically, but it seems to resonate with people.”  

Perhaps even more importantly, Steve believes the project not only kept him occupied in quarantine but also gives him a leg up professionally. 

“The process has kept me in tune with what’s going on around me with technology. I’ll sit around with my colleagues and I’ll be talking about something they don’t know about. So it enables me to keep up with what’s up and coming. It’s good mental exercise.” 

With all due respect to quarantine baking or gardening, that is a pretty impressive benefit for a lockdown side project. 

Use Feedly to Track Vulnerabilities Affecting Your Supply Chain

Por Sarah Hartland
Tips & Tricks
Relevant, real-time threat intelligence based on your vendor list

Cybersecurity vendor risk management (VRM) is notoriously difficult. Security teams need to know when their vendors experience a security incident, but they often lack visibility into supply chain threats. 

Many companies only learn about a security incident when the vendor notifies them. Meanwhile, as soon as threat actors know about a vulnerability, they start acting on that knowledge, which leaves you increasingly vulnerable. 

Additionally, not every vulnerability affects your security, and not every vulnerability affects your security equally. You need meaningful, real-time insight into the high risk threats facing your company and supply chain vendors. 

With Feedly for Cybersecurity, you can create Feeds tailored to your technology stack and supply chain, including hardware, software, and firmware for streamlined monitoring enabling proactive remediation. Unlike keyword matching, Leo uses artificial intelligence to recognize key information so that you never miss important information. You can also share this focused risk intelligence with industry peer groups like Information Sharing and Analysis Centers (ISACs) or team members using email, messaging applications, and the Feedly API. 

From a proactive monitoring perspective, the power of using Feedly is to actually inform you of breaches before anyone else knows.”

Anonymous Cybersecurity analyst in the energy industry

Reduce the noise with a Feed focused on your supply chain risks

Threat researchers use many different intelligence tools. Whether getting data from a managed services provider (MSP), setting news alerts, following social media, or collecting cybersecurity newsletters, the time and information overload is overwhelming. To reduce noise, you might be setting alert emails to come in once a day. However, filtering through all those emails is time-consuming and overwhelming. On top of this, once you find a nugget of valuable information, you need to do independent research to get the details you need to protect your company, and you need them quickly.

We trained Leo to understand cybersecurity and critical vulnerabilities to synthesize all the information you need. Training Leo by setting Priorities based on your vendor list lets you teach him to focus on only what you need to secure your environment information. Priorities help you teach Leo about the risks unique to your supply chain, whether it’s hardware, software, or a non-technology business partner.

By customizing your Feed using Leo and Priorities, you fine-tune your threat intelligence and build visibility around risk criticality.

Creating dashboards around the threat intelligence you need

Leo knows cybersecurity, and you can teach Leo to know your supply chain risk, too. With the LEO CVE Dashboard, you get at-a-glance, real-time visibility into:

  • CVSS score and vector string
  • CWE
  • Affected systems, including vendor advisories
  • Exploit information
  • Patches
  • Associated malware families
  • Associated threat actors
  • Awareness graph
  • Number of Web and Social Media mentions, including Twitter and Reddit

Teach Leo which vendors to track

More than just reducing the noise, Leo streamlines threat intelligence research with visualizations that help you prioritize your organization’s risk.

In your Today feed, you’ll see a list of recent, critical vulnerabilities for at-a-glance visibility into new threats facing your technology stack. 

When you click on the vulnerability, you’ll see a color-coded awareness graph for at-a-glance visibility into what people are saying about a specific CVE.

The clickable boxes direct you to more information about the vulnerability, including:

  • threat actors
  • malware families 
  • affected systems 
  • available patches

By training Leo and setting Priorities, you get focused threat intelligence giving you the visibility you need and enabling you to respond more rapidly to new threats. This visibility improves key cybersecurity metrics like reducing mean time to detect (MTTD) and mean time to remediate (MTTR). 

For example, one customer in the energy industry used Priorities alerting them to a new vulnerability so that they could patch the problem within two days, rather than having a security weakness that could lead to a data breach. . 

Set Priorities to focus your feed

Setting Priorities to teach Leo about your critical supply chain risks is an intuitive process. 

Start by defining the level of CVE criticality you care about most. If you need more than one Feed so that you can look at High Risk and Moderate Risk CVEs, you can do that, too. 

Now, personalize that Feed to your current critical technologies and business partners. You can add any as you want, including business applications, messaging apps, or any other critical vendors that your team wants to monitor. To add more terms and risks, just click ‘OR’ and add each new term.

Use the Feedly Cybersecurity API to prioritize remediation activities

Once you have the information, you need to share it across the team to remediate risk. The Feedly Cybersecurity API gives you a way to share information and reduce MTTR. 

Feedly supplies access tokens so that you can send the aggregated CVE/CVSS/Exploit information using JSON format. By translating to JSON, Feedly gives you a way to align your threat intelligence with your event log data to enhance correlation and analysis. With our API, you can connect your threat intelligence into any Security Information and Event Management  (SIEM) or Security Orchestration, Automation, and Response (SOAR) solution that uses these integrations. For example, the Feedly API adds metadata to articles including associated malware families and threat actors, entities mentioned, and MITRE tactics and techniques.,   With all the information you need in a single location, you bring together the technical information and threat intelligence together for full visibility into all risks. 

Finally, you can forward critical security data directly to your ticketing application, like Jira, and build it directly into your team’s workflow. This capability saves time since you don’t need to jump between different windows and applications.

“Leo makes Feedly unique because he allows us to build queries and thus create our own Feeds. This gives us the ability to focus on the articles we WANT to read.”

Anonymous Cyber Threat Intelligence Researcher

Try Feedly for Cybersecurity

Feedly for Cybersecurity streamlines supply chain threat research to help you more rapidly respond to emerging threats.

Start 30 day trial

Easily track cyber attacks across your industry and supply chain

Por Sarah Hartland
Feedly AI understands all types of cyber attacks and can track them for you

The only constant in the realm of cyber security is change; hackers are continuously maturing and becoming more sophisticated, attack patterns are constantly evolving, and the threat landscape is growing more volatile every day; one cyber attack occurs every 39 seconds.

That’s why we’ve enhanced Feedly AI’s knowledge of cyber attacks, targets, and industries so you can keep pace with the threat landscape and do what you do best: maintain the integrity of your security posture. You can ask Feedly AI to flag critical cyber attacks in your feeds and focus on specific attacks targeting your industry or supply chain. You can also push attack insights to your internal platforms via the Feedly API.

Track all types of cyber attacks with a single smart topic

Feedly AI flags important information to focus your efforts on targeted insights. Feedly AI understands cyber attacks because we taught him about malware, ransomware, data breaches, phishing, social engineering, and fraud.

You can train Feedly AI further and have him focus on the specific topics, threats, and threat actors you care about to gain a deeper understanding of the threat landscape as it applies to you.

From a proactive monitoring perspective, the power of using Feedly AI is to actually inform you of breaches before anyone else knows.”

Cybersecurity Analyst at a top energy provider

You can start by training Feedly AI to recognize cyber attacks as a smart topic, a concept that Feedly AI has been trained to understand with our AI models. Simply navigate to the security category you want to add this insight to and enter “cyber attack” as a topic. Training Feedly AI to highlight cyber attacks in your security feed keeps you up-to-date with the most recent reports. Highlighting the attacks that are actually being conducted in the wild helps you effectively prioritize and ensures you never miss a thing. 

Focus on attacks targeting specific industries or Fortune 500 companies

We’ve taught Feedly AI to recognize 19 industry sectors to ensure you always have the most current industry-relevant threat intelligence at your fingertips. Don’t see your industry? No problem! Ask us and we’ll teach Feedly AI to recognize it.

We were able to turn the list of our top partners into an AI Feed and ask Feedly AI to flag cyberattacks targeting those partners. That’s how we identified that one of our vendors had been breached a week before that the actual company told us.”

Cybersecurity Analyst at top energy provider

Feedly AI also recognizes each company listed in the Forbes Fortune 500 list to help you optimize and maintain your vendor security initiatives.You can gain these deeper insights simply by adding the industry or company you want Feedly AI to flag for you. 

You can use Feedly AI to detect new risks, reinforce your vendor risk programs, and potentially be the first to discover a breach. 

Track attacks targeting your supply chain

Track up to 1,000 vendors in your supply chain to see the most relevant cyber attacks early.

Supply chain attacks have been in the limelight recently. Now, Feedly AI can help you cross-reference your known vulnerabilities with the latest threat intelligence. Proactive alerting informs you of critical vulnerabilities, cyber attacks, and emerging threats before anyone else. Need to know about zero-day exploits as soon as they are targeted? No problem. Need to create your own list of companies you want to track? Feedly AI has your back.

Everything you need, nothing you don’t

Every second counts in cybersecurity. You tell Feedly AI what you want and it populates the insights you need, when you need them.

Feedly AI does the work upfront so you can filter out the noise and save massive time, working smarter and faster. Up to 80% faster.

Before using Feedly AI to track cyber attacks, we would struggle with an overload of data and waste time sifting through information. Our feed is now 2-3 times shorter, we do not miss out on any important cyber attacks and we earned back so much time!

Anonymous Cybersecurity Analyst

Want to track specific cyber attacks in your field?

The Cyber Attack AI Model is one of the advanced AI skills in the Feedly for Cybersecurity package.

Start 30 day trial

How can I make sure my Web Alerts aren’t missing anything important?

Por Sarah Hartland
Tips & Tricks
Concrete steps to widen your information gathering and never miss a thing

Asking Leo to monitor topics, trends and concepts you care about with a Web Alert  is a great way to make sure you never miss what’s important to you. Leo’s advanced knowledge graph allows him to recognize topics and concepts like a human research assistant that never sleeps, saving you countless hours.

When you set up a Leo Web Alert, he will read hundreds of millions of sources across the web, even sources you aren’t already following. We’ve previously talked about refining your searches to reduce noise, but in some cases you may prefer to widen the net.

If this is the case, this article is for you! Below are our best tips for making Leo Web Alerts as broad as possible. This is especially helpful if your topic is very niche, or your job requires you to keep on top of even small mentions. 

Ask Leo to read ‘Everything’ instead of just ‘Titles’

If you never want to miss a mention of your topic, you can ask him to look for ‘Everything’ across the web, not just article ‘Titles’. This ensures Leo will find even small mentions in long articles. This is a great way to ensure you’re never missing relevant commentary across the web.

Example: Track product launches and partnerships from Apple in the finance industry, even when they are mentioned in the body of an article rather than the title.

Tell Leo to be less picky by increasing the number of articles he should show you

You can further expand your feed by requesting more articles per week related to this topic. Think of this like telling Leo not to leave anything out of your feed, even small mentions. This is especially important if your job involves close tracking of niche concepts. 

I can ask Leo to find more articles for me every week by surfacing content from more niche sources.

Layer Web Alerts and Google Alerts to compare the differences

Generally speaking, Leo Web Alerts will be more relevant than Google News Alerts or keyword alerts. This is because Google News Alerts limit your search only to top news and trade publications, and keyword alerts track exact keyword matches, rather than smart concepts. 

When comparing a similar Google Alert and Leo Web Alert inside Feedly, you can see that there is some overlap, but Leo surfaces even more relevant articles, and Leo gives you the ability to refine your search as needed to decrease noise. 

Leo flags relevant articles about Apple product launches and partnerships in the finance industry and adds them to my Web Alert.

If you’re not ready to convert your Google Alerts, you can have both in a feed! Google Alerts are indicated by the magnifying glass icon, while Leo Web Alerts are indicated by the bullseye icon. If you want to compare results between your two alerts, set them both up as sources for the same Feed, and you’ll be able to compare results side-by-side daily. 

When you’re ready, you can delete one of the alerts or refine your Leo Web Alert anytime by hitting ‘Refine’ in the upper right corner of your Web Alert.

When in doubt, we can help

We’ve been working hard on Leo Web Alerts behind the scenes, and helping you be successful is our top priority. If you’re still struggling to get your Feeds just right, we can help. Click below to schedule a short call with one of our experts, and we’ll have you up and running in no time. We can’t wait to meet you!

Web Alerts are a no-brainer for anyone who needs to be on top of things that matter to them. I found using Google Alerts inconvenient because I’d have to set them up outside Feedly. Now that I use Web Alerts, I am sure that I am keeping as much in Feedly as possible.”

Mark Evans, Principal Product Manager, LexisNexis Risk Solutions Group

Something missing?

Schedule a quick session with a customer success manager and we’ll set up your Leo Web Alerts together.

Schedule help session

Optimize your signal-to-noise ratio with Leo Web Alerts: Advanced tips and tricks

Por Sarah Hartland
Tips & Tricks
Get what’s relevant to you in your feed using Leo Web Alerts

There’s a fine balance between reducing noise and never missing out on important information. Leo Web Alerts let you cast a wide net: Just tell Leo to track your chosen concept (like companies, trends, technologies, malware families…) across the web, and you’ll get the results in Feedly. Then, refine your Web Alerts based on your specific requirements. In this tutorial, we’ll show you a few advanced tips and tricks that can help you optimize the signal-to-noise ratio based on your area of interest.

Ask Leo to search through ‘Titles’ only, instead of ‘Everything’

Example: Track Fortune 500 companies in the retail industry, but only when they are mentioned in an article’s title (and therefore, the main idea of the story).

When you’re setting up a Web Alert, Leo can track your topic across “Everything” — this means he will read article titles and the full text, searching for the concepts you’re interested in. 

This is a great way to make sure you’re never missing out, but can sometimes result in noise in your feed. For example, if your topic is mentioned in a long article, but is not the subject of the entire piece.

To avoid this noise, you can switch to “Title” matching mode, and Leo will surface articles that mention your topic or concept in the title only.

Track Leo Concepts instead of keywords

When tracking a concept with keywords, you have to manually list out possible keywords. We’ve pre-trained Leo to recognize hundreds of concepts, so you can replace a long list of keywords with a single concept. Leo Concepts are machine learning models that replace large sets of keywords, remove blind spots, and reduce noise. 

With keyword searches, you’d need to account for every possible keyword that might be related to product launches. Leo has been trained to recognize and flag product launches, even if articles don’t contain the words “product launch” at all.

For example, if you want to track product launches with keywords, many articles might mention the phrase “product launch” rather than actually provide news about a launch. You can leverage Leo Concepts, as Leo has been trained to recognize and flag launches — even if they don’t contain the phrase “product launch” at all — in articles like this one, for example.

Then, combine concepts (like adding your industry or a specific company you want to keep an eye on) to improve the signal-to-noise ratio even more.

Adjust the velocity slider to control the volume

You can specify how many articles per week you want to see related to this topic. Think of this like telling Leo how picky you would like him to be when he chooses which articles to show you.

In the first step in the slider, Leo reads manually curated top-notch industry publications, blogs, business and strategy magazines, and research journals. As you move the slider to the right, Leo will browse through sources that are less and less popular.  Adjusting the velocity slider can drastically reduce noise in your feed.

Refine your bundles: Specify the types of publications you want Leo to draw from

Leo knows the difference between a research journal or a news article, and between a news article and a blog post, etc. This is incredibly helpful when you want to keep up with everything related to your topic of interest, but you only want to hear from experts. 

Under the “Sources” tab, you can select from a variety of bundles of sources.

Example: In this example, I want to search through Strategy Magazines, Industry Publications, Tech Blogs, and Business Magazines, but not National Newspapers.

Exclude irrelevant companies, products, topics, or sources

To exclude a noisy source or topic in your preview results, you can click the Less Like This button.

When you’re previewing a Web Alert, click the ‘Less Like This’ button to tell Leo to exclude a noisy source or topic you’d rather not see.

You can also exclude topics when you’re creating a Web Alert with the ‘NOT’ section. 

You can choose to exclude a website, like pymnts.com, or a specific concept, like DevOps. 

Our recommendation: start with a wide net, refine as you go 

For the best results, we recommend starting with a wide net (Leo recommends the best settings for you by default), and using the preview screen to refine more. Web Alerts become a “source” for your specified Feed, and you can always go back and refine them further.

To recap, here are the basic steps to translating your intelligence needs into Leo Web Alerts:

  1. Tell Leo what concepts you want to track 
  2. Use AND, OR, and NOT to optimize the signal-to-noise ratio
  3. If needed, refine sources with your own trusted sources

To refine an existing Web Alert, click on the Web Alert inside your Feed, and you’ll see a “Refine” button — this returns you to the screen where you originally set up this alert and allows you to update it as and when necessary.

Leo gets smarter as you give him more feedback. You can give Leo feedback by selecting “Less like this” on articles that aren’t quite right. Leo will adapt based on your feedback and become even more helpful over time.

Click “Refine” if you need to narrow down your search at any time or give feedback for Leo to get smarter and provide better content to you. 

More of a visual person? Start with this short video

Try Leo Web Alerts with your team

Start a free 30-day trial of Feedly Enterprise and get access to advanced Leo Concepts for Cybersecurity, Biopharma, and Market Intelligence.

TRY FEEDLY ENTERPRISE

11 examples of how Feedly users track specific concepts across millions of sources with Leo Web Alerts

Por Sarah Hartland
Tips & Tricks
How experts in market intelligence, cybersecurity, and biopharma translate their intelligence needs into Leo Web Alerts

The best way to get inspiration to create your own Leo Web Alerts and optimize the signal-to-noise ratio for your intelligence purposes is to look at examples that other researchers and analysts have created in Feedly. Here, we’ll show you examples of Leo Web Alerts that real Feedly users across industries use to track relevant trends and topics across the web. 

Track emerging trends

Analysts at a gaming company combine the Non-Fungible Token (NFT) concept with Video Games to track NFTs in their space.

Keep up with innovation

Track innovation by your competitors or companies of interest, whether they’ve filed a new patent or created an existing technology.

Research the strategic moves of your competitors

An analyst at a retail company tracks the strategic moves their competitors are making: Are they launching new products? Raising funds? Signing partnerships? Combine the company with the various strategic moves you’re interested in to track these happenings.

Research consumer behavior

​​Analysts in the finance space combine the Consumer Insights concept with the Finance Industry” topic to surface insights on changes in consumers’ behavior in their space.

Find inspiration for your content marketing 

Content Type concepts look for specific types of content (tutorials, listicles, expert insights, interviews, etc). Content creators and content strategists find inspiration for specific types of content by combining a content type with a social media platform, industry, or topic. For example, if you’re a social media strategist, you can track TikTok AND Tutorials to find examples of existing tutorials about TikTok.

Keep up with business leaders

This one’s simple. Salespeople targeting leads interested in specific leaders in the space just ask Leo to track that specific person.

Try Feedly for market intelligence

Automate analysis with machine learning and effortlessly surface the insights that matter to you. 

START FREE 30-DAY TRIAL

Discover and research critical vulnerabilities and zero-days

Cyber threat intelligence analysts use the Vulnerability concept to track vulnerabilities and filter them based on their CVSS score (actual or predicted). They combine the Vulnerability concept with a specific company, whether one of their customers or in their supply chain, to keep an eye out for critical vulnerabilities affecting the company.

Research threat actors

Analysts research specific threat actors and their corresponding tactics and techniques according to the MITRE ATT&CK framework by combining Threat Actor names with the Tactics and Techniques (MITRE ATT&CK) concept.

Track cyber attacks

Analysts use the Cyber Attacks concept combined with companies of interest (their own company, vendors, customers, or competitors) to track cyber attacks affecting these companies.  

Try Feedly for Cybersecurity

Streamline your open-source intelligence workflow with Leo, your easy-to-train AI research assistant. 

START FREE 30-DAY TRIAL

Track scientific breakthroughs

Researchers at biopharma companies combine their disease of interest (like Diabetes Mellitus, Type 2) with the Scientific Breakthroughs concept to stay on top of the latest breakthroughs and innovations made by companies, startups, and research teams around this disease.

Track regulatory changes

Researchers at top pharma companies combine the concept of their disease of interest (Neoplasms, in this case) with the Regulatory Changes concept to track new laws and regulations, high-court rulings, bans, FDA and EMA approvals concerning this disease.

Try Feedly for Biopharma

Create personalized biopharma feeds to proactively track specific diseases, topics, and trends.

START FREE 30-DAY TRIAL

Feedly is hiring a Marketing Automation Manager

Por Sarah Hartland
Work at feedly

We’re looking for a hands-on Marketing Automation Manager with Hubspot expertise to help us level up our B2B marketing efforts. You will own our Hubspot environment across the Marketing, Sales and Customer Success teams, and be responsible for educating the broader organization on data hygiene and digital marketing best practices.

Goal

Leverage Hubspot and other automation tools to improve marketing processes and productivity, keep up with and implement digital marketing best practices, and make recommendations to support the success of the marketing team.

Responsibilities

  • Own Hubspot execution across the Sales and Marketing Hub, with a particular focus in Workflow creation and analytics.
  • Work with the team to ensure contact database hygiene, proper audience segmentation, and object, property and record maintenance.
  • Set up email campaigns in collaboration with the broader marketing team, recommend and implement A/B and multivariate testing, and advise on ways to continuously improve overall email performance.
  • Continuously research relevant keywords opportunities and keep the content team up to date on these findings.
  • Assist with social media ideation, scheduling, and reporting.
  • Identify and educate the team on best practices for marketing automation, audience targeting and database hygiene, events and behavioral tracking instrumentation and digital channel measurement.
  • Set up and publish blog posts in WordPress.
  • Maintain and create Zapier integrations between several systems, including but not limited to Feedly, Hubspot, Copper CRM, Typeform, Slack and more.

Required skills and experience

  • You have 3+ years of experience with Hubspot, particularly focused on technical implementation. You’re also comfortable setting up custom events and behavior triggers in Hubspot and Google Analytics.
  • You have incredible attention to detail.
  • You can conduct keyword research for specific projects and monitor trends in order to make recommendations.
  • You have experience in B2B marketing.
  • You’ve managed cross-functional projects with success.
  • You’re an independent problem-solver, but not afraid to ask for help when needed.

Preferred skills and experience

  • You’re comfortable with HTML and CSS.
  • You have SaaS start-up experience.
  • You have experience in the cybersecurity or biopharma industry.
  • You already use and love Feedly.
  • You have experience working with developers and writing technical software requirements.

Benefits

  • Salary range: $70-90k, depending on experience, cross-functional abilities and location.
  • Remote working: Feedly is a remote-first startup, located in the San Francisco Bay Area. We believe in doing work we love, from places we love! Whether you prefer to work from home or an office, we support with coworking costs and a solid home-office setup.
  • Flexible hours: We believe that performance should be measured on output, and not when and how you work, so at Feedly, you will find a lot of flexibility to design your own rhythm of work.
  • A social work-life: We are a small and sociable group. We make an effort to stay connected with Zoom team kick-offs every week, 1-1s, and social catch-ups over games. Post Covid we expect to meet up every quarter for a few days of workshops and fun.
  • Growth mindset: We think learning is key to winning so we have created a learning budget of $1,200 per person to spend on courses, conferences, coaching or whatever you think will help you improve and grow.
  • Gym perk: Feedly supports healthy and balanced lifestyles and will refund up to $120 per month in “gym and other sport-related” expenses
  • Health insurance: Feedly offers and pays for medical, dental and vision coverage for all our employees and their dependents.

Process

  • Submit your resume and a screenshot or recreation of a Workflow automation you created with Hubspot, annotated with notes about the impact that workflow had.
  • 30 minute phone screening with the Director of Demand Generation
  • 60 minute team interview with members of the sales and marketing teams
  • 30 minute final interview with CEO

About Feedly

Manually keeping up with the topics and trends you care about is tedious and overwhelming.

Feedly is an AI-powered research tool that allows individuals and organizations to track key industry trends, without the overwhelm.

We serve 15 million individuals and 2,000 organizations.

Feedly is a remote-first, self-funded, fast-growing, and profitable startup, located in the San Francisco Bay Area.

We’re a small and ambitious team that works closely in sync while each taking real ownership of our respective areas.

Our mission is to make Leo the world’s most helpful AI research assistant.

Track the influence of the largest US companies with Feedly AI

Por Sarah Hartland
What's New
Feedly AI understands and can track Fortune 500 companies and their aliases

Traditional keyword matches fail to understand aliases, synonyms and abbreviations, and standard content monitoring tools don’t allow you to track segments or industries, which puts you at risk of missing key information that could help you monitor the major players in your industry.

Today, we are excited to announce a new AI Model, Fortune 500. This smart topic enables you to track mentions of the top 500 US companies without having to list each company (and their aliases) individually.

Layer topics to find what the content you need

Imagine you’re an analyst at a bank, and you’re interested in tracking what large companies and competitors are implementing around cryptocurrency and blockchain technology.

You can layer topics like “Cryptocurrency” with the Fortune 500 smart topic to find relevant articles quickly and ask Feedly AI to include them in your Feeds.

Set an AI Feed with these filters to see articles about what Fortune 500 companies are doing with cryptocurrency and blockchain technology.

The Fortune 500 smart topic is available to Enterprise level customers. Try it today, or start a 30 day trial here.

Before using Feedly AI, our team at Danone would struggle to find the most relevant information about our market and competitors. We would need to track our competitor names on Google News which would bring a lot of noise. Now that we use Feedly AI to track our competitors, we have easy access to articles that are super aligned with what we need to track in our day to day.”

Yong Wang, Strategy & Global Insights, Danone

Find what matters with advanced AI

Put the power of AI in your hands, and track Fortune 500 events and trends proactively. Now available to all users in our Enterprise plan.

start 30 day trial

How can I access this Smart Topic?

This smart topic, as well as, Big Tech and industries, and more are part of Feedly AI’s Advanced AI skills, and are available as part of our Enterprise level plans.

Can I try this before I upgrade?

Yes! We offer a 30-day free trial of our Enterprise level plan, including onboarding and access for your team. Request your trial here.

Which companies are included in this Smart Topic?

Each organization in the “Fortune 500” entity belongs to the list of the 500 largest United States corporations (by total revenue in 2020), listed by Fortune here. 

Can I teach Feedly AI to understand other types of organizations?

Absolutely! Several of our Enterprise customers have shared lists of companies they would like to track in their Feedly. Please reach out to enterprise@feedly.com if you’re an Enterprise customer and we can help you track a custom company list.

How a WillowTree cybersecurity analyst gathers threat intelligence in just 30 minutes a day

Por Annie Bacher
Case Study
Drew Gallis, analyst at WillowTree, leverages Feedly for Cybersecurity to track cyber threats across the company’s supply chain and protect clients
Impact
box icon

Keeps track of critical vulnerabilities in the supply chain so he can react quickly.

chart icon

Went from spending 2-3 hours sorting through threat intelligence news to 30 minutes of reading only the most relevant articles.

target icon

Monitors breaches and vulnerabilities that could put clients at risk…and creates proactive solutions before they become disasters.

THE CUSTOMER
WillowTree, Digital Product Consultancy

Started using Feedly For Cybersecurity: 2020

WillowTree is a digital product consultancy with clients including HBO, Domino’s, Anheuser-Busch InBev, FOX Sports and Hilton. Drew Gallis, a security analyst at WillowTree’s Virginia headquarters, is part of a small team responsible for company security and for proactively alerting WillowTree’s clients of security concerns.

THE CHALLENGE
A limited amount of time to dedicate to threat intelligence

With a small team dedicated to cybersecurity, efficiency is everything. The team at Willow Tree has to stay on top of the threat landscape so nothing falls through the cracks. While Drew’s official title is “Cyber Security Analyst,” he wears multiple hats: incident response, incident remediation, reporting on security news, and securing web and mobile applications developed by WillowTree, with 20-30 projects running at any given time. 

Consuming information fast so he can quickly share actionable insights across the company 

Drew is deeply passionate about cybersecurity and wants to get the word out to everyone in the company. He’s genuinely excited about sharing information that helps other people (developers, clients, etc.) do their jobs better and be safer.

Only about 20% of Drew’s job is dedicated to risk and analysis, and even less of that time is available for news monitoring. So he needed a way to find the best news about critical vulnerabilities without eating up the rest of his time at work. 

Trying out Feedly for Cybersecurity to consolidate and prioritize in one place

Drew’s mentor and supervisor, Adrian Guevara, Head of Cyber Security at WillowTree, had been using Feedly’s free plan for years to consolidate all of his cybersecurity information into one place. So when Drew and his team learned about Feedly for Cybersecurity’s ability to help them refine their Feeds and prioritize the most important information, they had to try it. 

“I only have about 20% of my day to look into risk and analyze different things going on within our organization. I wanted to narrow our data and focus on certain points with my limited time.

Drew Gallis, Cyber Security Analyst, WillowTree

THE SOLUTION
Reducing the volume of information to only critical insights

Adrian and Drew already had all of their top cybersecurity sources organized into Feeds on the free plan. So when they joined Feedly for Cybersecurity, all they had to do was start using Feedly AI to prioritize the most important news. Feedly AI reads every article in their Feeds, and then separates the most important ones into the ‘Priority’ tab. Thanks to this sorting and organization, Adrian and Drew can spend their limited attention reading the high-priority news first. 

“The biggest thing for us was exploring Feedly AI’s functionality. We made tailored filters to prioritize specific services, specific programming languages, specific packages, and different vendors we use.”

Prioritizing critical vulnerabilities in WillowTree’s tech stack

First, Drew set up AI Feeds for all the software tools and services that they use internally at WillowTree. This was simple: He just used AND to add each supplier’s name. 

Drew prioritized critical vulnerabilities for any of the companies in WillowTree’s supply chain.

Then, Drew added a layer to this AI Feed. In addition to prioritizing products and services used at WillowTree, he prioritized high CVEs for services in WillowTree’s tech stack. 

“Normally there wouldn’t be too many articles in my Priority tab, so if I saw a news article pop up, I knew it would be something pressing.

Tracking major programming languages 

Drew asked Feedly AI to prioritize articles that mention any of the major programming languages used for clients at WillowTree. These include: Swift, .NET, Python, C, JavaScript, and TypeScript. 

Drew prioritized critical vulnerabilities for major programming languages WillowTree and their clients use.

Tracking the vulnerabilities that potentially impact clients

Drew also wanted to prioritize news about breaches or cybersecurity events affecting WillowTree’s clients so he could notify them as soon as possible. He used client names (most of which Feedly AI recognizes as companies) in a Priority looking for data breaches. 

Drew created this AI Feed to find out about data breaches in conjunction with WillowTree’s clients.

Tracking issues regarding MacOS

Since WillowTree is a primarily MacOS company, they’re especially interested in any vulnerabilities affecting MacOS. Drew asked Feedly AI to prioritize vulnerabilities related to MacOS so he could easily tell the rest of the company if there was something to be concerned about.

Drew prioritized articles about MacOS vulnerabilities within his team’s cybersecurity Feed.

THE RESULTS
Protecting WillowTree and their clients in just 25% of the time

Since using Feedly AI, Drew has been able to cut down intelligence gathering time every day to just 30 minutes. He knows which articles are most important to read, and can easily see what’s happening in the world of cybersecurity. Not only can he respond quicker to threats and vulnerabilities, Feedly AI also gives him more time to focus on other important work.

“Instead of having to look and sort through articles over 2-hour periods, now I can do it in about 30 minutes, and get better quality of information with Feedly AI.

Protecting WillowTree with continual threat monitoring

Drew leveraged his Feedly setup during the SolarWinds attack to get the critical information, without the noise that happens during this kind of event. Drew didn’t care about the editorial commentary around SolarWinds; he wanted the technical facts so that he could serve his company and their clients. 

How WillowTree sorted technical updates from news commentary during the  SolarWinds breach: Read the full story

Beyond the SolarWinds event, Drew is able to equip WillowTree developers with the information they need to protect the company. Whenever he finds a vulnerability through Feedly, he shares more about it with the team so they understand why fixing it is important. He also uses the information he finds in Feedly to verify Proof of Concepts (PoCs).

Alerting WillowTree clients to security concerns 

Drew also uses Feedly to get indicators of compromise (IoCs) to share with clients, to better protect them now and prevent future threats. He can now send developers and project managers actionable documentation that they can share with clients in the case of a threat.

Before using Feedly AI, Drew spent upwards of two hours each day monitoring security news. Now, he’s reduced the time spent monitoring to just 30 minutes per day. Since using Feedly AI to prioritize critical news, he spends 75% less time, but gets better quality information because his Feeds are tailored to his exact needs. 

“Security news is massive in terms of the scope and the breadth it can go, because each industry has different news. Feedly will save you time and help you condense all of your news articles and news feeds into one place.”

Drew’s team is expanding with a new security hire soon. He plans to train the new team member on the monitoring foundation he’s set up with Feedly so he and his team can continue to efficiently monitor supply chain threats, alert clients, and get the information they need. 

Gather threat intelligence without the noise

Streamline your threat intelligence in Feedly so you can focus on real threats and ignore the distractions.

start 30 day trial

Using Feedly AI to sort technical updates from news commentary during the SolarWinds attack: A case study

Por Annie Bacher
Case Study
How one cybersecurity analyst leveraged Feedly AI to proactively evaluate news around the breach and protect his company and their clients and stakeholders

Back in 2020, it wasn’t hard to find information about the SolarWinds breach. In fact, the problem for cybersecurity analysts like Drew Gallis was the deafening noise of commentary about the breach. In a time of crisis, sites like New York Times and other editorial sources tend to drown out actionable technical information from security-specific sources. 

“SolarWinds catapulted into this massive newsline of all these articles saying stuff with no technical insights.”

Drew Gallis, Cybersecurity Analyst, WillowTree

Drew is a cybersecurity analyst at WillowTree, a digital product consultancy with clients including HBO, Domino’s, Anheuser-Busch InBev, FOX Sports and Hilton. He’s part of a small security team responsible for incident response, incident remediation, reporting on security news, and securing web and mobile applications. Given the limited amount of time he has for monitoring threat intelligence, Drew needed a way to separate critical technical updates from useless news commentary around the SolarWinds attack.

Finding actionable technical insights amid the noise of the attack

“A lot of news organizations just point fingers at different companies, without actually providing any technical backing as to why they’re saying these things,” says Drew. He needed to find useful, actionable information he could leverage to equip his company with the facts they needed to protect themselves and their clients from breaches related to SolarWinds. 

Drew and the cybersecurity team at WillowTree leaned heavily on their Feedly setup to monitor security news during the SolarWinds attack. In the article he published about the breach, Drew writes, “Feedly allows us to leverage and utilize Feedly AI, which can sort and aggregate our “feeds” by filters which narrows down on key indicators such as organization breaches, critical CVEs, vendor releases, system vulnerabilities, new security tooling, etc.”

“I used Feedly to find the real technical insights as to what happened during SolarWinds. So I could easily see IoCs and technical documentation as to how the attack was carried out.”

Using Feedly AI to eliminate false information and gather IoCs

Drew used Feedly AI to quickly eliminate false information which was abundant on the topic, such as accusations of Russian-owned company TeamCity. He was also able to gather any indicators of compromise (IoCs) on the issue, such as logs, data, and statistics. 

By gathering threat intelligence during the SolarWinds attack, Drew and his team were able to hand off actionable reports to developers and project managers to help WillowTree’s clients proactively protect against breaches. He says “I use Feedly to consolidate information and quickly generate actionable documentation and reports that we can then share with our clients. For SolarWinds, I was giving our clients indicators of compromise and different domains associated with the actual breach so they could better protect themselves.” 

Drew uses the information he finds in Feedly to make sure he’s not only educating clients about indicators of compromise and proofs of concept related to SolarWinds, but also helping them protect themselves during future attacks. 

“I use Feedly to consolidate information and quickly generate actionable documentation and reports that we can share with our clients”

WillowTree uses Feedly for Cybersecurity to separate the actionable insights from the noisy commentary. To learn more about using Feedly for threat intelligence, read the full case study about WillowTree’s setup.

Try Feedly for Cybersecurity

Start a 30-day trial of Feedly for Cybersecurity and keep up with critical threat intelligence, without the noise.

start 30 day trial

How a top 10 pharma company tracks drug innovations and more with Feedly

Por Annie Bacher
Case Study
This medical librarian team monitors diseases, drug pricing, innovations, and major political decisions affecting healthcare
Impact
box icon

Curating relevant content for newsletters to inform recipients across the company

chart icon

Spending less than 1 hour daily on Feedly to select relevant insights

target icon

Discovering and organizing open-source biopharma news in one place

This Feedly for Biopharma client has graciously allowed us to share their story on the condition of anonymity. Client names have been changed.

THE CHALLENGE
Discovering and organizing open-source biopharma research in one place

Sienna is a Knowledge and Insights Advisor at a top 10 pharmaceutical company in Australia. Sienna and her team are responsible for two main tasks: responding to specific, timely questions from doctors or researchers across the company, and proactively keeping employees up-to-date on industry developments or innovations. 

Responding to specific, timely questions 

Doctors and researchers might ask Sienna’s team whether a particular drug was ever linked to an adverse event, like “Has amoxycillin ever caused encephalitis?” Or they might answer questions about new drug delivery platforms, like “How do you get our large molecule drug inside the cell so that it can actually get to the target, where it will do the work of curing the disease?” For questions like these, Sienna and her team seek information to compile resource lists or reports. 

Sending out regular briefings to keep everyone informed

The second part of the job is proactively keeping people across the company up to date on drug developments, political decisions, and any other industry developments or innovations. Sienna and her team send out 50 different newsletters about relevant biopharma news every week to 765 recipients, plus a daily COVID newsletter: “We try to keep people informed of the most interesting published research in their areas.” 

Struggling to gather intelligence on broad topics 

For certain queries, Sienna and her team get their information from published literature in research journals, like PubMed.  However, Sienna remembers how tricky things got when her team started getting requests for information about broader topics like drug innovations, regulatory decisions, political decisions, or industry updates. “Rather than being about a specific disease, we started getting asked about things like drug pricing, or the gene and cell therapy industry.” Sienna commented that it wasn’t easy to capture this type of news about “those more general areas where there is news, rather than just published literature.”

She set up some Google Alerts, and subscribed to emails from assorted websites, but it was messy. And if members of the team weren’t already experts in an area (like bioprocessing, for example), Sienna found it hard to know which sources to look at for relevant research. 

Sienna and her team needed a way to ​track dozens of different topics and trends in biopharma at the same time from a large range of sources.

“Before using Feedly, we didn’t really know how to find ongoing news on these broader topics like drug pricing or the gene and cell therapy industry.”

THE SOLUTION
Using Feedly AI to track industry updates, innovations, and regulatory news

Back in 2013, Sienna knew she needed an RSS reader replacement to gather industry updates. At the time, she was using a free, personal Feedly account to read comics in her spare time, and quickly realized she could use the same tool to keep up with the biopharma industry. 

“I truly believe in the power of RSS. It makes Feedly a powerful one-stop shop for all our favorite web pages.”

Feedly AI reads through a pre-curated list of 3,000 top-tier biopharma publications: research journals, industry updates, regulatory news, PubMed, etc and surfaces content on the specific topics Sienna has selected. 
Now, Sienna and her team use Feedly for Biopharma plus the power of AI to track and gather information across the topics they need.

Tracking molecules, drugs, and clinical trials with AI Feeds

Finding relevant insights about a specific molecule or drug used to be like finding a needle in a haystack. But with Feedly AI, Sienna can now easily discover hyper-specific information about the drugs and clinical trials they need to keep up with. 

To replace noisy Google Alerts, Sienna created AI Feeds in Feedly, which allow her to track anything across the web (not just in sources she follows in Feedly), like specific genes, molecules, diseases, or clinical trials. Instead of skimming multiple email updates per day like she had to with Google Alerts, Sienna can refine her a AI Feeds for her specific needs and see results in a single Feed.

Sienna tracks regulatory changes related to Epilepsy and Scleroderma with AI Feeds. Feedly AI knows 5,000 diseases referenced in PubMed, NCBI, and MeSH so it can differentiate the disease names from a simple keyword.

For example, Sienna created an AI Feed for bioprocessing, a topic she was unfamiliar with. By asking Feedly AI to find articles about bioprocessing across the web, she didn’t need to know what the best sources of information were, but she could still get relevant insights about the topic. And as she continues to familiarize herself with the topic, she’s able to refine her bioprocessing AI Feeds to get even better results.

Sienna asked Feedly AI to track bioprocessing across the web.

“AI Feeds in Feedly allow me to be a lot more efficient than with Google Alerts. They’re a huge time saver: I get much fewer articles but all of them are relevant to my biopharma searches.”

AI Feeds like Sienna’s bioprocessing alert, allow her to keep track of news from sources she wouldn’t have found before. “And they’re so much less noisy than Google Alerts.”

Prioritizing top reads across favorite biopharma sources 

For topics Sienna and her team are a bit more familiar with, they already know their favorite sources to seek out information: news sites, research publications, and industry publications. They added all of these sources to Feedly, and asked Feedly AI to prioritize must-reads about drug manufacturers, lists of specific drugs, or specific topics like CRISPR. 

The team also adds Mute Filters to filter out the noise for certain topics. For example, in their Process Analytical Technology Innovation Feed, they’ve muted market reports, sports, and recreational drugs so they don’t get distracted by irrelevant results.

Asking Feedly AI to find similar articles to previously saved content

Since the team is already spending hours reading articles and saving them to Boards, they leverage their curation efforts with Like Boards. “We save things to boards to train Feedly AI,” explains Sienna. Like Boards are a niche feature that this team uses heavily. While we at Feedly pre-train Feedly AI on broad topics, Like Boards are an easy way for users to train Feedly AI to prioritize based on the content they’ve saved to Boards. Instead of surfacing articles about a specific topic, Feedly AI will find articles that share commonalities with what you’ve already saved.

Sienna saves articles to a Board to read later, share with team members, or train Feedly AI to prioritize types of articles you tend to save on a topic, like biopharma breakthroughs.

When Sienna and her team create a Like Board Priority, Feedly AI learns the types of articles they save, and then prioritizes similar articles in their Feeds.

THE RESULTS
A streamlined way to share critical information with hundreds across the company

With the information they gather in Feedly, Sienna and her team spend less than an hour per day to assemble informative weekly newsletters for 765 recipients. And instead of fielding multiple emails and alerts, they enjoy the peace of mind of getting all their open-source biopharma intelligence in a single location inside Feedly. 

By using AI Feeds, Priorities, and Like Boards inside Feedly, Sienna’s team can keep track of industry news and get insights from sources they might have missed with their limited time.

“If we didn’t have Feedly, we wouldn’t be able to capture the information in one place. We’d have to sign up for more email newsletters and then from there we’d have to go through the whole newsletter, whereas with Feedly you can go through one story at a time, all in one feed.”

Now that Sienna and her team have the information gathering process down to a science, she’s excited to explore other functionalities, like saving articles to Boards as a way of sharing with the team and broader company.

And beyond biopharma research? Sienna takes full advantage of the ability to save articles to personal boards, invisible to her team. She has a dedicated Board in Feedly for recipes 🍳

For more inspiration on using Feedly for personal use, see how one tech executive uses Feedly to fuel his passion project

Streamline your research workflow

Feedly for Biopharma can help you research, prioritize, and share insights, without the overwhelm.

TRY FEEDLY FOR BIOPHARMA

How Airbus CyberSecurity gets actionable cyber threat intelligence to customers in minutes

Por Annie Bacher
Case Study
An inside look at how the Airbus CyberSecurity team is using Feedly to monitor and share actionable insights
Impact
box icon

A cohesive, streamlined workflow for threat intelligence that saves hours every week

chart icon

Increased customer satisfaction due to improved speed of intelligence

target icon

Real-time sharing makes it easy to instantly alert customers and collaborators

THE CHALLENGE
“The process used to be way too time consuming and manual”

Chris Pickard, Cyber Threat Intelligence, and Adam Thomas, Vulnerability Analyst, lead the cyber threat intelligence (CTI) team at Airbus CyberSecurity in the UK. The team has since grown significantly, but just a few years ago they were a small team with painfully manual processes for gathering threat intelligence. 

Chris remembers, “We had our favorite sites that we would go to stay on top of the latest trends and to monitor newly released vulnerabilities. It was a more time consuming process compared to how we do things now, and on reflection, it was less structured ” He adds, “We’d have all sorts of set places we would go to to get the news and to get the latest vulnerabilities. It worked but it could sometimes be a frustrating process.”  

Before the CTI team enhanced their news gathering and vulnerability monitoring capability with Feedly, they collected information individually. The process is now much more collaborative, with each member of the team having access to and visibility of the Feedly platform. He adds, “We wanted a way of getting news to our customers much more quickly and to work together in a more streamlined way.”

Like many current Feedly for Cybersecurity teams, Chris had been using Feedly for personal use in the past. Once he and Adam discovered Feedly’s cybersecurity-specific features, they felt like they had found a cheat code for finding what matters and getting it to the right people, faster. 

“We wanted a way of getting news to our customers more quickly and to work together in a more streamlined way.”

Chris Pickard, Cyber Threat Intelligence

Immediate impact from the proof of concept

Chris and Adam still needed to convince upper management to adopt Feedly for Cybersecurity. Chris says, “One of the obstacles we faced was to convince management of the benefits that Feedly would provide. From a management perspective they were already aware that the team were doing a good job, but the challenge we faced was to demonstrate the improvements Feedly would bring to the table”

After a few months of switching the manual process to a more streamlined intelligence workflow with a trial of Feedly for Cybersecurity, “It reached the point where our customers were giving  positive feedback about how we were able to respond to the latest trends, while also keeping them informed of the news and our response to it. The efficiency of the new workflow really helped us promote Feedly within Airbus.” Internal management teams, other security teams, and their external  customers noticed and appreciated the increased speed in which they were receiving threat intelligence. 

It reached the point where our customers were giving positive feedback about how we were able to respond to the latest trends, while also keeping them informed of the news and our response to it. The efficiency of the new workflow really helped us promote Feedly within Airbus.

Chris Pickard, Cyber Threat Intelligence

Adam adds “The feedback that we received from the customers has already proven that Feedly was worth the investment.” He adds, “Once the customer reviews started backing up what we’d been saying all along, then there was no decision to be made, to be honest. It was easy to convince management to adopt Feedly from then on.” 

THE SOLUTION
Increasing speed of intelligence with a streamlined OSINT process

At Feedly, we use Airbus CyberSecurity’s workflow as a model to teach other security teams to set up efficient, collaborative intelligence gathering processes using our platform. This is how they get actionable cybersecurity intelligence to their customers in a matter of minutes.

1. Asking Feedly aI to track customer assets and products

Chris and Adam ask Feedly AI to track anything related to critical vulnerabilities affecting them and their customers’ assets and products across the web (not just in the sources they follow in Feedly). They can then add the results of these AI Feeds to their Feedly account.

Then, using a portfolio of security sources they trust, Chris and Adam asked Feedly AI to prioritize anything related to their customers, including customer assets and products. With Priorities, Feedly AI reads all incoming information and surfaces the most relevant content, based on the specific parameters Chris and Adam set up. According to Chris, “We know that anything that’s triggering the Priorities is something we need to focus on. Instead of us having to hunt for actionable intelligence from different sources, we can just have a glance at the Priorities and go from there.”

Chris and Adam asked Feedly AI to prioritize news about high vulnerabilities related to their customers and products they use

2. Immediately viewing and sharing CVSS scores and trending vulnerabilities

With Feedly for Cybersecurity, Chris and Adam can see the CVSS score directly in their Feeds, which gives them more tools to share with customers. They can click into a CVE Card, to access all the information related to the CVE, access the severity of a vulnerability, and determine if it should be escalated to their team for further research without zig zagging across different tabs. If not provided by the National Vulnerability Database (NVD), Feedly AI will estimate the CVSS score and CWE attack type for each vulnerability. 

“We can just look at Feedly AI’s prioritization and see what needs to be taken care of first,” says Chris. “It’s really helpful to see the top attackers and go from there.”

3. Instantly sharing articles with external email addresses

If they find a critical vulnerability about a customer’s supply chain, for example, Chris and Adam’s team need an easy and fast way to get it to the people who need to know.

The team initially had a solid workflow set up, and with a few tips from Remi on the Feedly customer success team, they made it even more streamlined. Remi says “The Airbus CyberSecurity team had developed a clever workaround with IFTTT to send articles to a list of six external customers.” But there was room for improvement, so “during one success session, we were able to tweak it a bit to send polished emails directly from the Feedly interface, without using a third-party tool as a workaround.”

Instead of connecting Feedly to email with an IFTTT integration in the middle, Remi showed Chris and Adam how they could actually send parts of an article directly to external email addresses using Notes.  

The Airbus CyberSecurity CTI team sends articles instantly from Feedly to external recipients via email, by tagging them in the Notes

4. Curating relevant content daily for each customer for instant, organized communication

To organize information to share with customers, Chris and Adam created one Team Board per customer. Team Boards are shared spaces to save articles, and can trigger other automations, like the Slack integration or an email. If Chris saves an article to a customer’s Board, it can immediately trigger a Slack message or an email notification to the customer. “I used to have to summarize gathered intelligence in an email and send it to customers. Now ​​I can just attach relevant information to a Board and I can send it instantly to the people that need it.”

In Team Board > Sharing Settings, the team turns on Slack notifications and choose which Slack channel receives a notification when they save an article to that Board.

Notifications from Boards can be sent to anyone via email, whether or not they have a Feedly account. Chris and Adam send articles to analysts, CTO teams, or even the CEO. “Everyone sees these notifications straight away, and it’s just a really good way of getting it to them quicker.”

5. Sending proactive briefings via automated daily and weekly Newsletters

Apart from ad hoc alerts when relevant issues come up for customers, Chris and Adam also send out daily and weekly newsletters on topics of interest. They add any articles that customers might find interesting to a dedicated Board. They’ve configured the Board to automatically send a Newsletter, which is an automated roundup of recently added articles that can be sent at regular intervals.

Instead of copying and pasting multiple articles into a weekly email, Chris and Adam automate their weekly roundups to send directly as Newsletters from their assorted Boards.

THE RESULTS
A fast, streamlined OSINT workflow that leaves time for analysis

The most noticeable impact of using Feedly? The stellar feedback the CTI team has received from both internal and external customers. Chris says, “Customers really love the speed that we are able to quickly get the news to them. As soon as something hits the news, like a critical vulnerability that affects them, we can notify them within minutes.”

Sending out regular news roundups is much easier, too. Chris says, “Team Newsletters have made the biggest difference for me because it’s saved so much time.”

The firehose of information is quickly reduced to only what’s relevant

By asking Feedly AI to track their customers’ assets and products both across the web and within their trusted security sources, Chris and Adam can feel confident they’re not missing anything, but they can also make sure they’re not wasting time on irrelevant news. 

“I was amazed by the sheer amount of information Feedly brings in, and then how quickly that’s cut down to what’s relevant, I’ve not used a tool that has the same level of impact.”

“I was amazed by the sheer amount of information Feedly brings in, and then how quickly that’s cut down to what’s relevant, I’ve not used a tool that has the same level of impact.”

Adam Thomas, Vulnerability Analyst

Improved communication and cohesion makes the job easier

The process is now much more collaborative, with each member of the team having access to and visibility of the Feedly platform, which avoids duplicate work. And avoiding duplicate work is like having an extra person on the team. Chris says, “The time saved has enabled us to put more resources into threat hunting, vulnerability research, and improving existing processes.”

Working together in a more cohesive way also gives the team the confidence that they’re collectively catching everything they need. Adam adds, “We know that once we put parameters into Feedly, it’s definitely doing its job and is capturing everything we need it to. And we’re not missing anything.”

“We know that once we put parameters into Feedly, it’s definitely doing its job and is capturing everything we need it to. And we’re not missing anything.

Adam Thomas, Vulnerability Analyst

Chris (left) and Adam (right) of Airbus CyberSecurity

What’s next: even more automation and indicators of compromise

When it comes to threat intelligence with Feedly, the Airbus CyberSecurity CTI team is only just getting started. What’s next? Adding even more automation. Chris and Adam are looking to leverage Feedly’s API so they can integrate their intelligence gathering workflow with tools they’re already using, like MISP. 

They’re also participating in the beta program of Feedly’s Indicators of Compromise feature, so they can quickly discover and collect malicious IoCs from security news sources, Twitter, and Reddit, and then easily export IoCs with context. 

Stay tuned, the Airbus CyberSecurity CTI team is leading the way for efficient, collaborative, and effective threat intelligence. 

Gather critical insights quickly, all in one place

Cut down the information overload to only the relevant news, so you can proactively alert customers or internal team members in minutes.

start 30 day trial

💾

Use this pro tip to instantly send articles from Feedly to external recipients

Por Annie Bacher
Tips & Tricks
There’s a way to stop manually copying and pasting content into emails or Slack to share with clients, teammates, or collaborators

One Feedly Enterprise customer had come up with a clever trick to automatically email articles to a predefined group of 6 emails. It worked, but it was a little hacky. 

For teams that need to send critical information as quickly as possible (like the cyber threat intelligence teams that use Feedly, for example), instant communication about threats, data breaches, or vulnerabilities is important. And copying and pasting content at scale can really slow you down.

Remi, Customer Success & Operations lead at Feedly, helped one team find an even simpler way for instantly sending articles to external recipients.

They needed to send news immediately to external customers, but the customers weren’t members of their Feedly account. 

To avoid manually sending emails to customers each time a relevant article popped up, the team set up an IFTTT automation. It worked, but it was a little clunky:

  • They created an email address specifically for this purpose: ourteam123@gmail.com
  • If an article was saved to a designated Board, then it would be sent to this predefined Gmail address via IFTTT
  • Then, from that Gmail, IFTTT will trigger sending the email to a predetermined list of six recipients

And since the articles were sent from Feedly → Gmail → each recipient’s inbox, they weren’t the most visually pleasing.

A better (easier) way to immediately send articles to external recipients

Remi spotted an opportunity to make their lives easier, and helped simplify the workaround. It’s simple:

  • Highlight a section of the article you want to share
  • Then, leave a Note on the article with the person’s email address: +coworker@email.com

When you tag someone in the Notes section of an article, Feedly automatically sends an email to the recipient, and include the highlighted section in the body of the email. The look and feel of the email is a bit more polished than the Gmail workaround, and they don’t even have to click through to read the highlighted section of the article.

Instantly send articles from Feedly to lists of recipients 

Easy enough so far, right? But what happens when you want to send articles to the same list of six or seven people? You definitely don’t want to have to type their email addresses every single time.

Here’s the fun part: you can use tools like TextExpander to create keyboard shortcuts for your predetermined lists of email addresses, and paste that directly into Feedly. For example, if I often send articles to the same 7 external clients, I can create a snippet to avoid typing out those 7 email addresses every time I want to share something with a group.

Then, if someone replies to the email, it will automatically get sent to the original sender’s inbox (and not some noreply address). 

Try it out the next time you need to share a timely, relevant article. Happy reading!

Quickly discover and collect indicators of compromise from millions of sources

Por Sarah Hartland
Feedly AI recognizes IoCs mentioned in articles, and can gather them for you

Finding and collecting relevant indicators of compromise is critical to your security, but with millions of articles to sort through, discovering and collecting the right ones is a challenge. Even if you know where to look, IoCs can be easy to miss and tedious to upload to your threat intelligence platform.

This is why we’re excited to announce that now you can discover, collect, and export malicious IPs, domains, hashes, and URLs mentioned in your Feeds or across the web, because Feedly AI recognizes indicators of compromise.

We trained Feedly AI to understand, find, and even export IoCs, so that they are easier to find and prioritize. This feature is included with Feedly for Cybersecurity. 

“Being able to track IoCs with Feedly has been very helpful, our team has been using the new feature every day to be on top of potential risks. Just today, Feedly AI was able to spot three IoCs in a long report I was reading although I hadn’t noticed them.” 

Michelle Barro, Threat Intelligence Analyst at Verizon

Collect IoCs from across the entire web

Feedly AI recognizes malicious IPs, domains, hashes, and URLs within the text of articles, Tweets, or Reddit posts, and tags articles so you know how many and what type of IoCs appear in a given article. 

When an article contains an IoC, Feedly AI will highlight it for you so it’s easy for you to find and confirm, even if it is buried in the text of a long article or threat intelligence report. 

If the IoCs are relevant, you can  export them to a markdown or STIX file that will include critical context such as the article link, malware, threat actor, CVE, product, and TTP information. 

To track indicators of compromise from across the entire web, click the robot symbol on the left hand navigation menu, and navigate to the ‘Threat Intel” tab. Type “Indicators of Compromise,” then click “+ AND” to refine your AI Feed further if needed.

Track IOCs with Feedly AI

Now that I can use Feedly to track IoCs across the web, our process to upload new indicators to our environment is much faster and easier. Being able to track IoCs across millions of sources on the web helps us cover every base possible.”

Cybersecurity engineer at a leading Fortune 500 technology company

Find and export indicators of compromise

Feedly for Cybersecurity is an OSINT platform used by more than 100 cybersecurity teams globally to speed up their threat intelligence. See how Feedly can help you conduct threat research up to 70% faster by starting a free trial.

start 30 day trial

Find IoCs related to a specific threat actor or malware

Let’s say you want to search for indicators of compromise related to a specific threat actor or malware. You can use AI Feeds to flag IoCs that match your query, even if the articles are from sources you don’t specifically follow.

The AI Feed shown in the example below will look for IoCs related to the Cobalt Strike malware family, making it easy to find what’s relevant, export it in seconds, and proactively monitor the web for future IoCs relevant to you. 

Find and export IoCs and their context

When you open article(s) that contain IoCs you’d like to upload to your preferred threat intelligence platform, you can export them in either STIX or Markdown formats. This is a significant time saver in contrast to scrolling through the article and copying and pasting what you need.

Your export will also include the IoC context such as the original article link, related malware, threat actor, CVE, product, and TTP information. This makes it even easier to take action. Here is an example of a STIX export:

Automate your IoC collection process with the Feedly API

The Advanced Feedly for Cybersecurity plan includes up to 100,000 requests per month and the full power of the Feedly API. Any action a user is taking in the Feedly application can be performed via the Feedly API, including collecting IoCs. You can access instructions for doing so here.

You can use the Feedly API to aggregate indicators of compromise and their context (associated threat actors, malwares, vulnerabilities and TTPs) from recent articles in a Feed, and return a single STIX object with all of those components and their relationships. 

To learn more about the power of the Feedly API or begin a trial or proof of context, click here.

It used to be particularly tedious to track the IoCs that are related to the critical UI CVEs or products my team has to be on top of. Now, with Feedly’s new IoC feature, I can track IoCs in a much faster and more visible way.”  

Michael Rossi, Independent Security Consultant

Find relevant IoCs previously published online

Finally, if you need to search for a specific set of IoCs already published online, you can do this via Power Search. Power Search allows you to leverage Feedly AI’s knowledge graph within your existing Feeds or across the web, allowing you to get much more granular and accurate than standard web searches. 

Click the “🔍” icon in the left navigation menu to access the Power Search screen. From here, you can look for any articles that contain indicators of compromise. This is ideal when you need to track a malware family you haven’t tracked before, and want to quickly find known IoCs that are already available online.

The Indicators of Compromise feature, CVE dashboard, cyber attacks Smart Topic, and several more advanced features are included with Feedly for Cybersecurity. This enterprise package is perfect for cybersecurity teams that need to conduct open-source threat intelligence more efficiently. To learn more about any of these features, or start a free 30-day trial, click the link below.

Find and export indicators of compromise

Feedly for Cybersecurity is an OSINT platform used by more than 100 cybersecurity teams globally to speed up their threat intelligence. See how Feedly can help you conduct threat research up to 70% faster by starting a free trial.

start 30 day trial

Pin your favorite sources and boards at the top of your left navigation

Por Sarah Hartland
Right-click on any Feed, Source, Web Alert or Board to add it to your Favorites section

Do you have a set of go-to-sources, boards, or AI Feeds you navigate to regularly? You can now use the heart icon to pin them to the top of the left navigation bar and access them more quickly.

Right-click on any Feed, Source, Web Alert or Board to add it to your Favorites section.

If you were using the old favorites system, you should see a Favorites (Old) feed with the list of sources you added to your favorites. If you want to rename Favorites (Old) to a different name, please create a new feed and move the sources to that feed.

We are also adding a preference that allow you to use your first feed as your start page. This should allow you to continue to use your old favorites as your start page if that is your workflow.

However you choose to organize your Feedly, we want to make it easy to find what matters as fast as possible!

Easily follow websites that don’t have RSS feeds

Por Annie Bacher
No RSS? No problem. You can now build your own feeds in Feedly for websites without RSS.

You already follow your favorite blogs, news sites, research journals, and more in Feedly. But when you come upon a site without an RSS option, what do you do? Manually opening separate tabs and remembering to check the RSS-less sites can get tedious and confusing. And some of the RSS builder tools out there can feel intimidating and complicated, especially if you already do all your reading and research inside Feedly.

That’s why we’re so excited to announce Feedly’s new RSS Builder. You can now create your own feeds for websites that don’t offer RSS and follow them in Feedly.

When a website doesn’t offer an RSS feed, you’ll automatically get the option to build your own RSS feed in Feedly.

The RSS Builder feature solves one of the big problems our team used to have: they had trusted and favorite sources with no way to get in Feedly. Instead of having to look into multiple places like before, they can now follow all their favorite websites in one single place on Feedly!

Product Integration Manager, Feedly Enterprise User

Choose the articles you want to get in Feedly

When you try to follow a website that doesn’t offer RSS, you used to hit a dead end. Now, you’ll see the option to build your own RSS feed, and the RSS Builder will walk you through the simple steps to add a website without RSS to your Feedly.

First, choose the articles you want to get through RSS. When you open the RSS builder, you’ll get a preview of the web page. Scroll down the page, find the section of articles you’re interested in, and click on the articles you want to get in Feedly (such as the “latest posts” section of a company’s blog). Then, click ‘Build RSS feed.’ You’ll be prompted to add your new source to an existing Feed in Feedly. Add it to an existing Feed, or create a new Feed in which to organize your new source.

That’s it! You have officially built an RSS feed from scratch. Congrats.

 In the preview of the website, select the articles you want to get in Feedly. In this example, we selected articles from Fintastico’s Fintech Radar blog.

Feedly continuously updates your new RSS source

Articles from this new source (that you’ve created with the RSS Builder) will now get sent to your Feedly regularly. This source will behave like any other source in Feedly. Feedly AI will find the topics in article, deduplicate articles, summarize articles, or mute topics you don’t want to get in Feedly. 

Your shiny new source in Feedly! Articles from this new source will appear in your Feedly just like any other blog, website, or news source.

Easily read, annotate, or save articles from this RSS source

Now that you’ve used the RSS Builder to bring these articles into Feedly, you can read, annotate, save, or share articles just like content from any other source. Add Notes or Highlights to your reading to come back to later, or save an article to a designated Board to keep articles on a certain topic. You can share through integrations with social media sharing platforms, email, or Zapier. 

Add Notes, Highlights, or tag teammates (if you’re on an Enterprise plan) like any other article in Feedly.

Feedly can become a place for all news sources I want, and I can select the sources of information in a more granular way instead of waiting for sources to have an RSS.

Daniel Lewis, COO, Winno

Start building RSS feeds

No RSS? No problem. Build your own RSS feed in Feedly for websites without RSS.

BUILD RSS FEEDS

FAQs about building RSS feeds for websites without RSS

What is RSS?

RSS stands for really simple syndication. When a website offers an RSS feed, it makes content available in a file format that an RSS feed reader (like Feedly) can use to fetch the content so you can read it in real time. Until now, when a website didn’t offer RSS feeds, Feedly was unable to aggregate content from this RSS-less website into your Feedly.

How do I start building an RSS feed for a website that doesn’t offer RSS?

To create an RSS feed for a website without RSS, click on the ‘+’ button in the left navigation bar. In the ‘Websites’ tab, paste the website URL that you want to follow. You’ll automatically see the option to build an RSS feed. Click ‘Build RSS feed’ and follow the steps.

What Feedly plan do I need to access the RSS Builder feature?

The RSS Builder is available for users on Pro+ or Enterprise plans. Try it out.

Is there a limit to the amount of RSS feeds I can build?

You can create up to 25 RSS feeds in the Pro+ plan and up to 100 RSS feeds in the Enterprise plan with the RSS Builder tool.

Can I ask Feedly AI to mute models in a source created with the RSS Builder?

Yes, you can create the same logic on top of sources you’ve built with the RSS Builder as you would on any other type of source. Ask Feedly AI to mute models or keywords you don’t want to see in your Feed. 

Are there any sites I can’t follow with the RSS Builder?

While we try our best to allow you to follow any sites with RSS Builder, these sites are currently not available to build RSS feeds: 

1. Social media sites: Facebook, Instagram, TikTok, LinkedIn, Twitter (although you can get Tweets in Feedly with a Pro+ or Enterprise plan)

2. Websites that render content dynamically using JavaScript

3. Websites that don’t have links / URLs to fetch from

The RSS builder works best with sites that have an organized list of links, like a blog or list of articles. Sites that have a jumble of disorganized links (or no links on the page) aren’t easy to turn into RSS feeds. However, supporting this type of non-linear website changes is on our roadmap for the RSS Builder.

Can I use the RSS Builder on the Feedly mobile app?

Right now, the RSS Builder is only available on Feedly’s web app. However, you can still build RSS feeds on the web, and read them in your mobile app.

Is the RSS Builder available in Safari?

Unfortunately, the RSS Builder doesn’t work in Safari at this time, because Safari blocks all script execution without allow-scripts. If you’re a Safari user, you can use a different browser (like Chrome) to build your RSS feeds, and then continue to read in Feedly in your normal browser.

What should I do if I have more questions about the RSS Builder feature? 

Find even more answers to your RSS Builder questions in the Feedly Knowledge base, which we update regularly as the feature improves. And if you still need help, reach out to our customer support team. We’d love to help you out.

Feeds and Folders

Por Edwin K

If you’ve popped into Feedly today, you might notice something’s…different.

We’ve introduced a new naming convention: RSS feeds and all the other streams of content you follow in Feedly (Twitter, Reddit, Newsletters) are feeds and the place you use to organize and group your feeds is a Folder.

Add the TechCrunch feed to one of your Folders

This doesn’t change anything about how Feedly works, it just makes it a little easier to talk about how to organize everything you follow and read. Happy reading!

How Church & Dwight’s CISO used Feedly to track log4j in real time

Por Annie Bacher
Case Study
Get an inside look at how a CISO gathers threat intelligence to track a developing incident.
Impact
box icon

Picked up on trending vulnerabilities in Feedly before they were rated

chart icon

Saved an hour each day with streamlined intelligence workflow

target icon

Consolidated the team’s research workflow, improved effectiveness, and reduced overwhelm

David Ortiz is the Chief Information Security Officer (CISO) of Church & Dwight, the company behind brands like ARM & HAMMER, Trojan, OxiClean, OraJel, and other products. As CISO, David’s primary focus is to oversee cybersecurity, IT Risk Management, data privacy operations, and manage risk to the company so he can keep leadership informed. 

Unlike a threat intelligence analyst looking at the day-to-day intel and mitigation, David is concerned with the big-picture impact of cybersecurity on the business. “We don’t want to talk too much about the widgets and the tech, we want to talk more about the impact to the overall business.”

On a “typical” day: David’s daily news progression for effective threat intelligence

Every day, David looks out for indicators that there may have been a critical cyber attack somewhere in Church & Dwight’s supply chain. With that information, he can inform leadership of the business implications. Church & Dwight has a large provider network including contract manufacturers, manufacturers, vendors. The company needs to keep track of what’s happening across the entire supply chain to protect the business at all levels. 

To stay in front of the news, David goes through a systematic news progression every morning before his team’s 9am scrum. He works his way through sources including: 

  • Cybersecurity-specific news sources like WSJ Pro Cybersecurity Cyber Security Hub
  • Twitter, Reddit, and LinkedIn
  • National newspapers and news sources like the Wall Street Journal, The New York Times, and 1440
  • Wikipedia 
The “Today” page in Feedly, where David starts his news progression each morning.

Before using Feedly, he had to visit each one of these sites individually. Now, he says “It is a single place for my news progression. I can go through Feedly and see everything.” Instead of fielding emails from different sources, David gets his newsletters delivered to Feedly as well.

Feedly has saved me an hour a day. It is a single place for my news progression. I can go through Feedly and see everything”

David Ortiz, CISO, Church & Dwight

How David used Feedly to monitor the log4j vulnerabilities

The week that the log4j vulnerability broke in December 2021, David’s news progression looked a little different than on a normal day. 

“When I woke up on Friday morning, our managed security provider had already sent out advisories at 4am East Coast time. I saw that, and I had already gone into Feedly and started reading news and seen it breaking. We knew log4j was coming and used breaking news in conjunction with our vulnerability response activities.”

The Threat Intelligence Dashboard in Feedly shows trending articles, trending vulnerabilities, and trending attackers. Cybersecurity professionals like David use this page for a quick glance at what’s happening if they only have a few minutes to check Feedly.

By the Saturday after the vulnerability broke, news started flooding in. David remembers, “I was looking for critical vulnerabilities and CVSS scores. That’s when Feedly started working its magic: We started to see the news propagate and get organized by Leo.” 

I was looking for critical vulnerabilities and CVSS scores. That’s when Feedly started working its magic: We started to see the news propagate and get organized by Leo”

David can see trending vulnerabilities before CVSS scores are assigned

Even before a CVSS score is assigned to a vulnerability, Leo estimates a score based on the machine learning models we use to prioritize CVEs. And as the story developed and it became clear that log4j was really four distinct vulnerabilities, Feedly helped show that they were trending. David explains, “When the other vulnerabilities were still at a low level — not yet elevated to a critical or high level — Feedly was telling me it was trending, which meant more people were talking about this and more articles were being published about it.” 

When the other vulnerabilities were still at a low level – not yet elevated to a critical or high level — Feedly was telling me it was trending.”

David Ortiz, CISO, Church & Dwight

David was watching both Feedly and the National Vulnerability Database news to see if one specific vulnerability was going to trend and become a critical vulnerability. If it was identified as a critical vulnerability, that would dictate how Church & Dwight security teams respond to the vulnerability.

If no CVSS score has been assigned to a specific CVE, Leo estimates a score based on the machine learning models we use to track CVEs.

David adds, “Feedly helped me follow the vulnerabilities that weren’t yet rated. By looking at the trending vulnerabilities and estimated CVSS scores in Feedly, I could estimate that they would eventually get assigned a high or critical rating, which they did.”

Why this CISO uses Feedly to centralize and optimize his team’s open source threat intelligence

David chose Feedly as his team’s open source threat intelligence tool for three main reasons: 

  1. He wanted a centralized place to reduce information overload for his team 
  2. He wanted a place where his team can share common data and benefit from shared knowledge
  3. He wanted to get in front of the news

1. A centralized place to reduce information overload and notification fatigue

David’s extremely conscious of the impact of information overload on his team, and designed his Feedly setup with that in mind. “Feedly is a common area to share data so that we’re not fatiguing one another with more news and more notifications.” 

David strategically set up two main Team Newsletters to send automatically and summarize news, instead of sending one-off texts and Slack messages that would distract his team. 

  • One weekly newsletter that sends every Friday and includes any articles David and the team saved to a Feedly Board that week 
  • One “breaking” newsletter that sends automatically — but only when there’s what the team considers breaking news
David and the team save relevant articles to a Team Board, which sends a Newsletter automatically each week.

2. A place to share common data and avoid duplicate work

Instead of everyone on his team having separate, siloed security sources, David and his team use Feedly as the common area to share those trusted sources of data. This means everyone’s on the same page about threat intelligence and risk management, and the whole team benefits from having multiple smart cybersecurity minds working together. 

3. A way to get in front of the news

Before adopting Feedly as his open source threat intelligence tool, David used to complete his daily “news progression” every day across various different sources. But now, he’s able to consolidate his intelligence in one place and streamline the process.

Beyond the feeds he organizes in Feedly, David checks the Threat Intelligence Dashboard daily. “It brings me information that I don’t have to go get on my own. Instead of having to manually trend or use other sources to trend, Feedly’s trending that for us.” David estimates that Feedly has saved him an hour each day, which means he can make more progress on Church & Dwight’s security roadmap and projects for risk reduction. 

What’s next for this CISO  

When there’s not a critical vulnerability front and center, David focuses on projects on the company’s security roadmap, including risk reduction and safeguarding data. “Feedly helps me stay in front of the news so I can help keep the company safe.”

And what’s next for David’s work with Feedly? David continues to work with his team in the process of gathering open source threat intelligence . He’s looking forward to the upcoming Customizable Newsletters feature (coming soon!) that will make it even easier to send advisories and customize them with internal knowledge.

Stay ahead of attacks and vulnerabilities

Try Feedly for Threat Intelligence so you can gather open source intelligence and share insights with the people who need them, faster.

START FREE 30-DAY TRIAL

Blueprint of a highly functional Feedly for Threat Intelligence Account

Por Aaron O’Maley
Cybersecurity
How to structure your Feedly for Threat Intelligence account to optimize your open source threat intelligence

Many of the leading cyber security teams use Feedly to organize and automate their open-source threat intelligence and stay ahead of emerging threats. We have had the chance to research 100 of them and review their open-source threat intelligence best practices.

In this article, we will share how they translate their intelligence needs into various types of feeds and how they structure those feeds into a highly functional Feedly account.

Structure of a highly functional threat intelligence account

Track trending cybersecurity news

Most cybersecurity professionals start their day in the Threat Intelligence Dashboard. It offers a broad overview of the emerging threat landscape: trending cybersecurity articles and attacks, new critical vulnerabilities, active attackers, new behaviors, and malware families, so it’s easy to get a sense of what’s going on in just a few minutes.

Start your day with a general overview of the threat landscape with the Threat Intelligence Dashboard

Here’s a brief overview of each section:

  • Trending News: Stay ahead of attacks by seeing which threats are trending in the cybersecurity community.
  • Vulnerabilities: Improve reaction time and respond quickly to new vulnerabilities as they arise, allowing cybersecurity teams and their clients to stay informed of oncoming risks faster.
  • Attackers: Identify at a glance which Threat Actors are trending and quickly create Web Alerts to track their actions and behaviors.
  • Tactics & Techniques: Keep track of which TTPs are proving to be the most prevalent among Threat Actors, map data to the Mitre ATT&CK Navigator to compare with other Threat Actor Profiles, or to identify gaps in your defensive capability.
  • New Malware: Research what New Malware is affecting systems and be vigilant against emerging threats.

Discover critical vulnerabilities

The most effective way to track critical vulnerabilities and zero-days across the web is with Feedly AI. Feedly AI has been pre-trained to understand vulnerabilities and assess their severity. It reads millions of articles every day, looking for critical security threats.

Track critical vulnerabilities for products deployed in your environment

When Feedly AI finds a CVE, it automatically searches for its CVSS score, related exploits and malware families, links to threat actors, CWE information, and patches. It then organizes all this information into a rich CVE insights card.

If the CVE doesn’t have a CVSS score yet, Feedly AI uses machine learning to predict the CVSS score, keeping you one step ahead of the latest emerging threats.

Discover critical vulnerabilities and get a 360-degree view with the CVE insights card

Creating a broad (Feedly) AI Feed targeting all critical vulnerabilities gives you a big picture view of what is happening across the threat landscape, while adding specific vendors to the search narrows the focus into more precise and manageable feeds.

Cybersecurity teams often create an AI Feed for each of the main products deployed in their environment and group them into a Vulnerabilities folder.

Track adversary behaviors

One way cybersecurity teams track and visualize the behaviors of specific Threat Actors and Malware Families is by using Feedly’s integration with the Mitre ATT&CK framework. Feedly AI has been pre-trained to understand threat actors (integration with Malpedia), Mitre ATT&CK (version 10), and the model of threat intelligence reports. These three models can be easily combined to track the behavior of selected adversaries.

Here is an example of an AI Feed surfacing all the threat intelligence reports mentioning the Lazarus Group threat actor:

Track threat intelligence reports mentioning the Lazarus Group

Cybersecurity teams often create an AI Feed for each of the threat actors and malware families defined on their threat profiling list and group them into a “Threat Intel” folder.

When Feedly AI finds an article in which it has identified TTPs, it can map the content of that article to the ATT&CK navigator so that cybersecurity teams can easily analyze the adversary behavior and compare it with their existing defenses.

Automatically open TTPs mentioned in an article to the MITRE ATT&CK Navigator

Feedly AI also automatically flags all the malicious IPs, hashes, domains, and URLs (IoCs) it identifies in articles so that they can easily be exported with links to threat actors, malware families, and vulnerabilities using STIX 2.1 and imported into Threat Intelligence Platforms (TIP).

Export IoCs with links to threat actors and malware using STIX 2.1

Track cyber attacks

Security teams can efficiently track cyber attacks targeting their industry or supply chain. Feedly AI has been pre-trained to understand the concept of a cyber attack and who the target of the attack is. Here is an example of how a cybersecurity professional might ask Feedly AI to track all the cyber attacks targeted at the finance industry.

Track cyber-attacks across the finance industry

The focus can also be narrowed down to more specific threats like “data breaches impacting credit cards” or “cyber attacks using multi-factor authentication”

Follow trusted security feeds

Feedly allows cybersecurity teams to follow a wide variety of trusted feeds all in one place, including websites and blogs, newsletters, Reddit communities, and Twitter accounts, searches, and hashtags. The teams that get the most out of Feedly turn it into their one-stop intelligence center so they can share common sources in one place. They end up saving hours each week because they’re no longer sharing articles ad-hoc across email, Slack, and other messaging platforms.

Follow your trusted security websites, blogs, newsletters, Twitter and Reddit in one place

Collect and share threat intelligence with Boards

When an article of importance surfaces, Feedly provides the tools to annotate, highlight, add notes, and save the article to a Board for review later. When an article is saved to a Team Board, Feedly for Threat Intelligence users have additional options to auto-generate Newsletters, share with Slack or Microsoft Teams, or use Feedly’s Rest API to integrate into an existing workflow.

Save and organize selected articles into Boards and share them with your teams

Here are a few examples of Team Boards that have helped cybersecurity teams stay organized:

  • Critical Vulnerabilities Board: Save articles about exploitable vulnerabilities and zero-days that a cybersecurity team will want to research and patch as soon as possible.
  • IoC Report Board: Save articles referencing IoCs that should be pushed to a threat intelligence platform.
  • Threat Intelligence Brief Board: Save articles to share with an executive team.
  • Threat Actors Board: Save articles describing behaviors of specific threat actors active in the industry that should be imported into the TIP for the rest of the team to research.
  • Emerging Malware Board: Save articles about techniques used by emerging malware families.
  • Supply Chain Attacks Board: Save instances of attacks and data breaches reference supply chain or third-party partners.

Try Feedly for Threat Intelligence

All of these features, plus many more, are available as a part of Feedly for Threat Intelligence. To learn more about any of these features, or start a free 30-day trial, click the link below.

Try Feedly for threat intelligence

New: Track specific CVEs with Feedly AI

Por Annie Bacher
What's New
Feedly AI autocompletes specific CVE IDs so you can monitor for exploits or attacks, or track threat intelligence reports mentioning the CVE

Looking to monitor a specific CVE ID? Previously, you had to type in the exact CVE ID and be sure it was the right number. Now, Feedly AI autocompletes the CVE ID and shows you the description of the vulnerability, so you can be sure you’re tracking the right one.

Just start typing the CVE ID and choose the correct ID from the menu. Then, refine your AI Feeds and add it to a Folder.

This is a small improvement to the UI that makes it much easier for you to quickly track a CVE (instead of entering the ID manually) and to make sure you’re tracking the right CVE.

Create an AI Feed to track a CVE and get updates as it develops

The more high profile a CVE becomes, the more likely threat actors will develop exploits for it. You can keep an eye on a trending vulnerability by simply creating an AI Feed and adding it to your “Trending vulnerabilities” Folder, for example.

Track cyber attacks related to the CVE

When it’s taking a while to apply a security patch, you want to keep an eye on the tactics used to exploit the vulnerability. Create an AI Feed for the CVE ID and the model “Cyber Attacks” and Feedly AI will look for attacks or exploitation attempts related to the specific CVE.

Then, you and your team can use this information about available exploits to prioritize which vulnerabilities to patch. You can also update the AI Feeds to add more CVEs if needed, like when a vulnerability has multiple IDs associated with it.

Track indicators of compromise related to exploitation attempts

Tracking, gathering and ingesting indicators of compromise is a great way to proactively hunt for signs of an attack on your environment. Since Feedly AI allows you to gather and export IoCs from multiple sources (including articles, Twitter, Reddit, and emails), you can create an AI Feed to track a specific CVE ID and the “Indicators of Compromise” AI Model.

Once you create an AI Feed for IoCs related to the specific CVE you’re tracking you can easily export the resulting IoCs with context and add them to your own security environment.

Track threat intelligence reports published about the CVE

Gather intelligence others have curated by adding the “Threat Intelligence Report” AI Model to your Web Alert. When you combine the CVE ID with the Threat Intelligence Report AI Model, you’ll get Threat Intel Reports mentioning the CVE.

Bundle these models together into a single AI Feed to keep an eye on a specific CVE

And if you want to get all angles of a CVE, you can combine all of these models into a single AI Feed. Just track the specific CVE ID and add other AI Models like Indicators of Compromise, Threat Intelligence Reports, and Cyber Attacks.

And don’t forget — to get a complete overview of a specific CVE in the moment, you can also click on the CVE ID and open up the CVE Insights Card. You’ll find an at-a-glance overview of exploits, malware families, and related threat actors in a single view.

Try tracking a specific CVE in Feedly

Not a member of the Feedly for Threat Intelligence community yet? Try a free 30 day trial and speed up your discovery and research of emerging threats.

START FREE 30-DAY TRIAL

Track emerging threats with Feedly AI

Por William Kulp
Threat Intelligence
Speed up your open-source threat intelligence by 70% with (Feedly) AI Feeds

The core of Feedly for Threat Intelligence is an AI engine, that automatically gathers, analyzes, and prioritizes intelligence from millions of sources in real-time.

In this article, we’ll show you how to use AI Models to:

  • Monitor critical vulnerabilities and zero-days
  • Research the behavior of specific threat actors and malware families
  • Understand the threat landscape around your industry
  • Track niche cybersecurity topics

Before we look at those four use cases, let’s start with a short overview of how Feedly AI works.

Meet Feedly AI

Feedly AI reads millions of articles, reports, and social media posts every day and automatically tags key threat intelligence concepts: critical vulnerabilities, malware families, threat actors, indicators of compromise, ATT&CK techniques, companies, vendors, industries, etc.

Feedly AI automatically tags key threat intelligence concepts

All this information is at your fingertips in near real-time via a powerful and intuitive search and tracking interface called (Feedly) AI Feeds.

Curious how it works? Let’s take a look at an AI Feed designed to track critical vulnerabilities and zero-days related to Cisco Systems:

AI Feeds: A powerful and intuitive search and tracking interface

Creating an AI Feed is a three-step process:

  1. Use AI Models to define the intelligence you want to gather. In our example, we use the ‘High Vulnerability’ and ‘Cisco Systems’ AI Models to discover new critical vulnerabilities related to Cisco Systems.
  2. Use AND, OR, NOT operators to combine multiple AI Models and refine your focus. In our example, we use AND to track articles and reports that reference both ‘High Vulnerabilities’ and ‘Cisco Systems’.
  3. If needed, refine sources with your own trusted sources. By default, (Feedly) AI Feeds will search across the Cybersecurity Bundle (a collection of 50,000+ security news sources, threat research blogs, newsletters, vendor advisories, government agencies, vulnerability databases, CISO magazines, and Reddit communities curated collectively by 200,000 cyber professionals using Feedly and partitioned by Feedly AI into three tiers based on popularity and authority).

With AI Feeds, you can add to a team or personal folder. New articles, reports, or social media posts matching the specified AI Models will appear in the AI Feeds.

AI Models are easier to use, more comprehensive and less noisy than traditional keyword searches

The power of AI Feeds is that ‘High Vulnerability’ and ‘Cisco Systems’ are not simple keyword matches. These AI Models are machine learning models that encapsulate a broader understanding of each concept:

  • ‘High Vulnerability’ is an AI Model that tracks vulnerabilities with a CVSS score above 8 or a CVSS score above 5 that includes a known exploit. If the vulnerability does not have a CVSS score yet, a machine learning model is used to forecast the CVSS score based on the descriptions of the vulnerability. Learn more
  • ‘Cisco Systems’ is a ‘Company’ AI Model that tracks for mentions of Cisco by its name or any known aliases. When the company name is ambiguous, a disambiguation model is used to remove false positives.

Without AI Models, gathering intelligence would require a tedious effort of trying to find a long list of the right keywords, leaving room for blind spots and lots of irrelevant results.

Feedly for Threat Intelligence comes with a wide range of pre-trained AI Models so that you can easily translate your intelligence needs into AI Feeds.

Feedly includes key threat intelligence models

Let’s see how we can combine these AI Models to proactively track specific threats and stay one step ahead of your adversaries.

Research the behavior of specific threat actors and malware families

Tracking the behavior of threat actors and malware families can be tedious and overwhelming, taking up valuable time that could be spent hunting for malicious activity in your environment.

That’s why Feedly has created a set of AI Models that automatically tag threat actors, malware families, TTPs, and IoCs.

Let’s take a look at an AI Feed designed to track the latest IoCs and TTPs related to Lazarus Group across threat intelligence reports published on the web:

Gather IoCs and TTPs related to Lazarus Groups from intelligence reports
  • ‘Lazarus Group’ is a ‘Threat Actor’ AI Model powered by Malpedia that tracks mentions of the threat actor by name or its many aliases. Learn more
  • ‘Indicators of Compromise’ is an AI Model that tracks malicious URLs, IPs, email addresses, domains, and hashes. Learn more
  • ‘Tactics & Techniques’ is an AI Model powered by the Mitre ATT&CK v10 framework that tracks tactics, techniques, and sub-techniques and their relationships. Learn more
  • ‘Threat Intelligence Report’ is an AI Model that flags intel reports containing in-depth technical details about IoCs, TTPs, threat actors, and malware. Learn more

Here are some additional AI Models you can use to broaden or narrow your threat profiling:

Popular threat profiling AI Models

Understand the threat landscape around your industry

Staying up to date with the latest attacks against your industry can help you be better prepared when putting defenses in place, as well as help you learn about which threat actors to look out for so you can be more targeted when gathering intelligence.

Let’s take a look at an AI Feed designed to gather intelligence about cyber attacks in the finance industry:

Track cyber attacks around the finance industry
  • ‘Cyber Attacks’ is an AI Model that tracks instances of cyber attacks and tries to determine who or what the target of the attack is. Learn more
  • ‘Finance Industry’ is an ‘Industry’ AI Model that classifies articles related to the finance industry based on company mentions and terminology. Learn more

You can also easily narrow your focus on a specific type of attack:

Track credit card data breaches

Monitor critical vulnerabilities and zero-days

Manually keeping ahead of new vulnerabilities and zero-days is an impossible task, but you can set up AI Feeds to help you stay up to date on new vulnerabilities that come across the radar of the global cybersecurity community.

Feedly aggregates vulnerability information from NVD and over 20 vendor advisory sites — as well as monitoring many sources to find exploits for each CVE — in near real-time.

Let’s take a look at an AI Feed designed to surface critical vulnerabilities and zero-days related to a vendor deployed in your environment:

Track high vulnerabilities related to Zoom

When you discover a new CVE, you can use the CVE insights card to get a 360 degree view of that vulnerability and decide if you should create a ticket for your response team.

A CVE insights card – a 360 degree view of CVE-2021-44228

Track niche cybersecurity topics

You can also use AI Feeds to track niche cybersecurity topics.

Let’s take a look at an AI Feed designed to gather intelligence about malicious, compromised, or hijacked packages:

Here are some additional AI Models you can use to track niche cybersecurity topics:

Popular cybersecurity AI Models

Getting smarter every day

The world’s leading cybersecurity teams use Feedly for their OSINT, so the product constantly improves based on their feedback.

Here is a roadmap of some of the new AI Models we are researching:

2022 AI Models Roadmap – Threat Intelligence

Feedly for Threat Intelligence customers can reach out to us at enterprise@feedly.com to give feedback on improving existing AI Models or creating new ones to ensure that Feedly is working at full capacity to serve your Threat Intelligence needs.

Try Feedly for Threat Intelligence

All of these features, plus many more, are available as a part of Feedly for Threat Intelligence. To learn more about any of these features, or start a free 30-day trial, click the link below.

TRY FEEDLY FOR THREAT INTELLIGENCE

Track competitors and emerging trends Feedly AI

Por Katie Spencer
Market Intelligence
Speed up your market intelligence by 70% with (Feedly) AI Feeds

The core of Feedly for Market Intelligence is an AI engine, that automatically gathers, analyzes, and prioritizes intelligence from millions of sources in real-time.

In this article, we’ll show you how to use Feedly AI to:

  • Track your competitors and their strategic moves
  • Stay ahead of consumer trends and insights
  • Scout technical innovation
  • Identify business development opportunities

Before we look at those four examples, let’s start with a short overview of how Feedly AI works.

Meet Feedly AI

Feedly AI reads millions of articles, reports, and social media posts to determine if they are relevant to the topics you want to track.

Feedly AI automatically tags key market intelligence concepts

All this information is at your fingertips in near real-time via a powerful search and tracking interface called AI Feeds.

To understand how this works, let’s review an AI Feed designed to track Amazon’s recent product launches:

AI Feeds: A powerful and intuitive search and tracking interface

Creating a (Feedly) AI Feed is a three-step process:

  1. Use AI Models to define the information you want to gather. In our example, we use a Company and Strategic Move AI Model to track all information about Amazon’s product launches.
  2. Use AND, OR, NOT operators to combine multiple AI Models and refine your focus. In our example, we use AND to only track articles that reference both Amazon and product launches.
  3. If needed, refine sources with your own trusted sources. By default, Feedly’s AI Feeds will search across the Market Intelligence Bundle, which is a collection of top tier B2B sources including strategy magazines, tech blogs, business magazines, research journals, and trade publications. You can control the sources your AI Feed pulls from using the “Refine Sources” feature.

With (Feedly) AI Feeds, you can add to a team or personal Folder. New articles, reports, or social media posts that match the specified AI Models will appear in the AI Feeds.

AI Models are easier to use, more comprehensive, and less noisy than traditional keyword searches

The power of (Feedly) AI Feeds is that Amazon and Product Launches are not simple keyword matches. These AI Models are machine learning models that encapsulate a broader understanding of each concept.

  • ‘Leadership Changes’ is a Strategic Move AI Model that intelligently scans for new leadership change announcements. This model will be able to find relevant updates even if the term “leadership change” isn’t explicitly used.
  • ‘The Walt Disney Company” is a Company AI Model that tracks mentions of Disney or any known alias, like ‘Walt Disney’. A disambiguation model will be used to remove false positives for “The Walt Disney Company”, and only return relevant mentions of the company.

Without AI Models, finding the right information would require manually updating a long list of keywords, leaving room for human error and irrelevant results.

Feedly for Market Intelligence comes with a wide range of pre-trained AI Models so that you can easily translate your intelligence needs into AI Feeds.

Feedly for Market Intelligence comes with a wide range of pre-trained AI Models

Let’s examine how to combine these AI Models to build a strong market intelligence engine.

Track your competitors and their strategic moves

Tracking the strategic moves of your competitors can be tedious and overwhelming. That’s why Feedly has created Company AI Models, which tracks competitor decisions and actions using Artificial Intelligence, saving your team hundreds of hours.

Let’s take a look at an AI Feed designed to track all the latest updates about Apple:

Use Company AI Models to track mentions and updates from specific companies
  • ‘Apple’ is a Company AI Model that tracks all mentions of Apple and its aliases (such as Apple, Inc. and apple.com). A disambiguation model will be used to remove false positives for “apple”, and only return relevant mentions of the company.

You can use Strategic Move AI Models to refine your competitive research to only the most relevant updates, such as Product Launches, New Patents, and Partnerships.

Let’s take a look at an AI Feed designed to track Apple’s newest patents and tech innovations:

Use Strategic Moves AI Models to track specific news about competitors, like New Patents or Innovations
  • ‘Apple’ is a Company AI Model that tracks all mentions of Apple and its common aliases.
  • ‘New Patents’ is a Strategic Move AI Model that tracks newly published patents.
  • ‘Tech & Scientific Innovation’ is an AI Model that tracks breakthroughs and innovations by companies, startups, and research teams.

Here are some additional AI Models you can use to refine your competitive research:

Use different AI Models to refine your competitive research

Discover emerging trends

Manually tracking consumer behaviors often feels like searching for a needle in a haystack. That’s why we built the Consumer Insights AI Model, which surfaces articles that mention behavioral statistics and consumer data most relevant to you.

Let’s take a look at an AI Feed designed to track Consumer Insights related to Sustainability:

The Consumer Insights AI Model detects articles that mention behavioral statistics related to customers and consumers
  • ‘Consumer Insights’ is an AI Model that tracks consumer statistics related to emerging societal, technological, economic, ecological, and political trends.
  • ‘Sustainability’ is an AI Model that intelligently scans for mention of Environmental Sustainability and everything related to this topic.

Scout technological innovation

Market Intelligence teams leverage Feedly AI to make their tech innovation research 70% faster. Technology AI Models intelligently scan for a range of new technologies, such as Augmented Reality, Crypto, and Quantum Computing.

Let’s take a look at an AI Feed designed to track updates about Crypto and Digital Wallets:

Track relevant new technologies like Crypto with Technology aI Models
  • ‘Crypto’ is a Technology AI Model that recognizes numerous terms for Crypto. The AI Model will continuously learn and include new terms, keeping pace with ever-changing technologies.
  • ‘Digital Wallet’ is an AI Model that intelligently scans for mentions of digital wallets and continuously updates to account for new aliases.

Identify new partnership opportunities

Keeping up with business development opportunities helps your company stay competitive in your industry. AI Feeds allow you to identify and act on key market opportunities as they arise.

Let’s take a look at an AI Feed designed to gather intelligence about companies that have recently raised funds in the finance industry:

Tracking Funding Events in your industry allows your team to stay ahead of partnerships opportunities for specific or broad industries
  • Finance Industry’ is an Industry AI Model that classifies articles related to the finance industry based on company mentions and terminology.
  • Funding Events’ is a Strategic Move AI Model that detects any capital-raising events, from seed funding to late-stage rounds or exits.

Getting smarter every day

The world’s leading Market Intelligence teams use Feedly to stay competitive, so the product constantly improves based on their feedback.

Here is the roadmap for some new AI Models we are researching for our Market Intelligence customers:

2022 AI Models Roadmap – Market Intelligence

Feedly for Market Intelligence customers can reach out to enterprise@feedly.com to share feedback on existing AI Models or suggestions for new AI Models. We value our community’s input, as this ensures Feedly is working at full capacity to serve your Market Intelligence needs.

Try Feedly for Market Intelligence

All of these features, plus many more, are available as a part of Feedly for Market Intelligence. To learn more or to start a free 30-day trial, click the link below.

Try Feedly for Market Intelligence

❌