Risk Based Security

No reviews yetVerified Data Provider

Optimized for quick response

Get Intro

Risk Based Security Data Products: APIs & Datasets

About Risk Based Security

Risk Based Security in a Nutshell

Risk Based Security provides data breach and vulnerability intelligence to equip organizations with evidence-based threat analysis and risk management strategies to address information security and compliance challenges.

Risk Based Security, Inc. equips organizations with security information, security program toolkits, risk management methodologies and on-demand security expertise to establish customized risk-based solutions to address information security and compliance challenges.

We are technology enhanced information security and risk management experts ready to assist your organization in identifying your true risks to your most valuable assets in order to guide the implementation of security controls where they are needed most, resulting in the right security at the best price.

Specialties
Data Breach Analytics, Security Intelligence Reports, Vulnerability Intelligence, Risk Management, Incident Response, ISO/IEC 27001:2005

Cyber Risk Analytics (CRA) provides actionable threat intelligence about organizations that have experienced a data breach or leaked credentials.
Along with our PreBreach Risk Ratings, this provides a deep dive into the metrics driving cyber exposures, as well as understanding the digital hygiene of an organization and predicting the likelihood of a future data breach.
The integration of PreBreach ratings into security and underwriting processes, vendor management programs, and risk management tools allows organizations to avoid costly risk assessments, while enabling businesses to act quickly and appropriately to proactively protect it’s most critical information assets.

Headquarter
United States of America

Data Offering

Pricing

Risk Based Security has not published pricing information for their data services. This is common practice for data vendors and providers. Contact Risk Based Security to obtain current pricing.

Use Cases

Geo Coverage

Africa (58)
Algeria
Angola
Benin
Botswana
Burkina Faso
Burundi
Cabo Verde
Cameroon
Central African Republic
Chad
Comoros
Congo
Congo (Democratic Republic of the)
Côte d'Ivoire
Djibouti
Egypt
Equatorial Guinea
Eritrea
Ethiopia
Gabon
Gambia
Ghana
Guinea
Guinea-Bissau
Kenya
Lesotho
Liberia
Libya
Madagascar
Malawi
Mali
Mauritania
Mauritius
Mayotte
Morocco
Mozambique
Namibia
Niger
Nigeria
Rwanda
Réunion
Saint Helena, Ascension and Tristan da Cunha
Sao Tome and Principe
Senegal
Seychelles
Sierra Leone
Somalia
South Africa
South Sudan
Sudan
Swaziland
Tanzania, United Republic of
Togo
Tunisia
Uganda
Western Sahara
Zambia
Zimbabwe
Asia (51)
Afghanistan
Armenia
Azerbaijan
Bahrain
Bangladesh
Bhutan
Brunei Darussalam
Cambodia
China
Cyprus
Georgia
Hong Kong
India
Indonesia
Iran (Islamic Republic of)
Iraq
Israel
Japan
Jordan
Kazakhstan
Korea (Democratic People's Republic of)
Korea (Republic of)
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Lebanon
Macao
Malaysia
Maldives
Mongolia
Myanmar
Nepal
Oman
Pakistan
Palestine, State of
Philippines
Qatar
Saudi Arabia
Singapore
Sri Lanka
Syrian Arab Republic
Taiwan, Province of China
Tajikistan
Thailand
Timor-Leste
Turkey
Turkmenistan
United Arab Emirates
Uzbekistan
Vietnam
Yemen
Europe (51)
Albania
Andorra
Austria
Belarus
Belgium
Bosnia and Herzegovina
Bulgaria
Croatia
Czech Republic
Denmark
Estonia
Faroe Islands
Finland
France
Germany
Gibraltar
Greece
Guernsey
Holy See
Hungary
Iceland
Ireland
Isle of Man
Italy
Jersey
Latvia
Liechtenstein
Lithuania
Luxembourg
Macedonia (the former Yugoslav Republic of)
Malta
Moldova (Republic of)
Monaco
Montenegro
Netherlands
Norway
Poland
Portugal
Romania
Russian Federation
San Marino
Serbia
Slovakia
Slovenia
Spain
Svalbard and Jan Mayen
Sweden
Switzerland
Ukraine
United Kingdom
Åland Islands
North America (13)
Belize
Bermuda
Canada
Costa Rica
El Salvador
Greenland
Guatemala
Honduras
Mexico
Nicaragua
Panama
Saint Pierre and Miquelon
United States of America
Oceania (25)
American Samoa
Australia
Cook Islands
Fiji
French Polynesia
Guam
Kiribati
Marshall Islands
Micronesia (Federated States of)
Nauru
New Caledonia
New Zealand
Niue
Norfolk Island
Northern Mariana Islands
Palau
Papua New Guinea
Pitcairn
Samoa
Solomon Islands
Tokelau
Tonga
Tuvalu
Vanuatu
Wallis and Futuna
South America (42)
Anguilla
Antigua and Barbuda
Argentina
Aruba
Bahamas
Barbados
Bolivia (Plurinational State of)
Bonaire, Sint Eustatius and Saba
Brazil
Cayman Islands
Chile
Colombia
Cuba
Curaçao
Dominica
Dominican Republic
Ecuador
Falkland Islands (Malvinas)
French Guiana
Grenada
Guadeloupe
Guyana
Haiti
Jamaica
Martinique
Montserrat
Paraguay
Peru
Puerto Rico
Saint Barthélemy
Saint Kitts and Nevis
Saint Lucia
Saint Martin (French part)
Saint Vincent and the Grenadines
Sint Maarten (Dutch part)
Suriname
Trinidad and Tobago
Turks and Caicos Islands
Uruguay
Venezuela (Bolivarian Republic of)
Virgin Islands (British)
Virgin Islands (U.S.)

Certifications & Associations

Logo of Certified Information Privacy Professional / United States certification
Logo of Certified Information Security Manager certification
Logo of Certified Information Systems Auditor certification
Logo of Certified Information Systems Security Professional certification
Logo of Certified in the Governance of Enterprise IT certification
Logo of Certified Lead Auditors and ISMS Implementer certification
Logo of Certified to NSAs INFOSEC Assessment Methodology certification

Data Sources & Collection

VulnDB monitor more than 3000+ sources for disclosure of new Vulnerabilities:

We monitor everywhere possible and all the products you care about
We standardise all the reports
We collect everything in one place
We assess the validity and accuracy of reports to a certain extent, correcting mistakes and weeding out invalid and duplicate reports
We add technical details that cannot be found in the original reports
We add a lot of extra metrics to help you better prioritize remediation including information about severity, exploit availability, and report confidence.
We provide metrics about how well a given vendor handles vulnerabilities in their products, so you know which vendors care the most about security
We provide metrics about the code maturity of a given product, so you know how secure it has been coded and how the vendor has invested into security
We provide metrics about vendors and products that are most likely to put your organization at risk for a data breach, which you cannot get anywhere else.

We do all of this, so you don’t have to and can focus on the issues at your organization! In the past, while still not advisable, it was possible for an organization to at least cover the basics themselves. These days it is too costly and resource intensive.

Key Differentiators

VulnDB is the by far most comprehensive Vulnerability Database available.

Comprehensive Vulnerability Intelligence:

  • Vulnerability source information, extensive references, links to Proof of Concept code and solutions
  • Disclosure timeline, researcher & other vulnerability metadata
  • Full mapping to CVE
  • Identified and cataloged over 72,022 vulnerabilities not found in CVE/NVD

**Vulnerability Alerting Without Scanning: **

  • RESTful API provides access to raw vulnerability data
  • Vulnerabilities identified without having to scan your network by mapping to your assets
  • Real time alerting and threat modeling
  • Integrate vulnerability intelligence into your existing tools or workflow
  • Leverage existing GRC, ITIL, Asset Management/CMDB or SIEM products

**Vendor and Product Risk Ratings: **

  • Proprietary Vulnerability Timeline and Exposure Metrics (VTEM)
  • Determine which products and vendors are putting your organization at risk, including how quickly they respond to researchers and provide patches
  • Extended classification system and our own CVSS scores
  • Extensive historical data, for a full picture of a vendor or product
  • Ability to compare vendor and products
  • Cost of Ownership Analysis

3rd Party Libraries

  • Over 2,000 software libraries identified
  • Comprehensive insight on vulnerabilities in 3rd Party Libraries used in products and software development
  • Single source of information to monitor each library to ensure that newly disclosed vulnerabilities are addressed
  • Metrics provide the ability to evaluate and select the best third-party libraries

Connectors & Integrations

  • Easily link VulnDB with existing IT tools and security software at your organization
  • Automatic identification of dependencies/libraries that are used by development teams
  • Faster setup to monitor products for vulnerability alerts
  • Easily map your critical assets to vulnerabilities in your Asset Management systems
  • Numerous options including Github, Slack, RSA Archer, Splunk and more!

Application Framework

  • Ability to group products and dependencies used by applications or projects
  • Track and alert on vulnerabilities for applications
  • Track the various open source licenses by dependency
  • Connect to Github or upload a dependency file to automatically create an Application
  • Multiple languages supported including .NET, Java, JavaScript, PHP, Python and Ruby

“Swisscom evaluated various suppliers of vulnerability intelligence. We have been convinced by VulnDB superior coverage, timeliness in the updates, and long term monitoring of exploits. We are also really appreciating RBS’ own CVSS rating and classification, based on expert knowledge of the standard and practical use in the industry. Having all these curated information at your fingertip is a game changer.”

Stéphane Grundschober
Vulnerability Manager, Swisscom (Switzerland) Ltd.

For more information please visit https://vulndb.cyberriskanalytics.com/

Data Privacy

Integrations

Logo of Brinqa integration
Logo of Dependency-Track integration
Logo of Device42 integration
Logo of GitHub integration
Logo of JFrog integration
Logo of Polarity integration
Logo of Recorded Future integration
Logo of RSA integration
Logo of ServiceNow integration
Logo of splunk integration
Logo of Square Security integration

Alternative Providers

View more alternatives

Risk Based Security Reviews

Your Review

There are not enough reviews and ratings for Risk Based Security at the moment. Have you worked with Risk Based Security? You can help other data professionals better understand Risk Based Security’s data products and services by leaving a review now.

Data Quality
Data Volume
Value for Money
Customer Service
Minimum 200 characters

Frequently asked questions about Risk Based Security

What does Risk Based Security do?

Risk Based Security provides data breach and vulnerability intelligence to equip organizations with evidence-based threat analysis and risk management strategies to address information security and compliance challenges. Risk Based Security, Inc. equips organizations with security information, security program toolkits, risk management methodologies and on-demand security expertise to establish customized risk-based solutions to address information security and compliance challenges. We are technology enhanced information security and risk management experts ready to assist your organization in identifying your true risks to your most valuable assets in order to guide the implementation of security controls where they are needed most, resulting in the right security at the best price. Specialties Data Breach Analytics, Security Intelligence Reports, Vulnerability Intelligence, Risk Management, Incident Response, ISO/IEC 27001:2005 Cyber Risk Analytics (CRA) provides actionable threat intelligence about organizations that have experienced a data breach or leaked credentials. Along with our PreBreach Risk Ratings, this provides a deep dive into the metrics driving cyber exposures, as well as understanding the digital hygiene of an organization and predicting the likelihood of a future data breach. The integration of PreBreach ratings into security and underwriting processes, vendor management programs, and risk management tools allows organizations to avoid costly risk assessments, while enabling businesses to act quickly and appropriately to proactively protect it’s most critical information assets.

What kind of data does Risk Based Security have?

Cyber Risk Data

How does Risk Based Security collect data?

VulnDB monitor more than 3000+ sources for disclosure of new Vulnerabilities: We monitor everywhere possible and all the products you care about We standardise all the reports We collect everything in one place We assess the validity and accuracy of reports to a certain extent, correcting mistakes and weeding out invalid and duplicate reports We add technical details that cannot be found in the original reports We add a lot of extra metrics to help you better prioritize remediation including information about severity, exploit availability, and report confidence. We provide metrics about how well a given vendor handles vulnerabilities in their products, so you know which vendors care the most about security We provide metrics about the code maturity of a given product, so you know how secure it has been coded and how the vendor has invested into security We provide metrics about vendors and products that are most likely to put your organization at risk for a data breach, which you cannot get anywhere else. We do all of this, so you don’t have to and can focus on the issues at your organization! In the past, while still not advisable, it was possible for an organization to at least cover the basics themselves. These days it is too costly and resource intensive.

What platforms is Risk Based Security integrated with?

Square Security, Dependency-Track, GitHub, Polarity, Brinqa, Device42, ServiceNow, splunk, Recorded Future, JFrog, and RSA

What are you looking for?