Investigate Vulnerabilities with STIX-Based Relationships

Use Vulmatch to investigate vulnerabilities as linked intelligence rather than as isolated records.

Overview

This use case is for teams that want to investigate vulnerabilities as part of a wider intelligence picture. Vulmatch stores vulnerability information in STIX 2.1 format, which makes it easier to work with linked objects and relationship-driven analysis.

Typical workflow

An analyst starts with a vulnerability or product of interest, then pivots through related enrichment and connected intelligence objects to understand broader context. This is especially useful when a team wants to move from simple lookup to graph-aware investigation, sharing, or downstream CTI operations.

Why teams use Vulmatch here

Vulmatch is useful in this workflow because it keeps the data structured for relationships. That makes it a better fit for graph-based analysis and STIX-aware tooling than a flat text record alone.

Teams can investigate how a CVE relates to vulnerable software, ATT&CK or CAPEC content, KEV reporting, EPSS history, and other linked context that becomes more useful when viewed as connected intelligence rather than isolated fields.