HD Moore, co-founder and CEO of runZero, on how his team uses Mallory to notify customers about new vulnerabilities before the first news article drops.
Moore describes a common scenario for runZero: a new vulnerability is about to make a big stink on the internet. His team uses Mallory as the backend to figure out what's about to blow up, what's showing up in vendor advisories, and whether it's hit the news cycle yet. They quickly identify affected customers, send them a link to their affected assets, and typically do all of that before the first news article is even published. Multiple days before their legacy security competitors.
"We find out about it really early by using Mallory as the backend... we quickly figure out which customers are affected, send them a link to their affected assets, and typically do that before the first news article is even published."
He also flagged how much noisier the landscape has gotten. Search for a CVE on GitHub and you'll find 15 fake proof-of-concepts, half of which are malware. At the same time, bugs are being identified well after they've been exploited, sometimes weeks later, and vendor patches are often far behind. Getting early, reliable intelligence is how you stay ahead.