Hi ALL,
is there a way to leverage Google Cloud Threat Intelligence (GCTI) or Mandiant intelligence to identify exploits or vulnerabilities present in our environment? Specifically, does the Context Graph expose relationships between assets, vulnerabilities, exploits, malware, threat actors, or campaigns that can be queried?
For example, can we query Context Graph associations like:
graph.metadata.threat.associations.type = "MALWARE" // Something else i might have missed
graph.metadata.threat.associations.role = "Credential Stealer" // Exploit or something similar
And similarly pivot to exploit or vulnerability-related entities (e.g., CVEs, exploited vulnerabilities, exploit kits, or malware associated with known vulnerabilities) to identify potential exposure within the environment?
