Leading security validation platform substantially reduces the exposure of enterprises' external and internal assets
NEW YORK and RISHON LEZION, Israel, Sept. 23, 2021 /PRNewswire/ -- Cymulate, the industry standard for SaaS-based Continuous Security Validation, announced today the launch of two new solutions to enable businesses to validate their security technologies and policies. Attack Surface Management (ASM) discovers exploitable external assets, and Vulnerability Prioritization Technology (VPT) that integrates with vulnerability scanners to reduce risk exposure time on internal assets. These new offerings empower security teams to efficiently prioritize vulnerabilities and mitigation steps, ensuring shorter time to remediation.
With the exponential increase in Common Vulnerabilities and Exposures (CVEs), organizations are in a constant race to discover, prioritize, and remediate vulnerable assets. Current vulnerability management platforms do not take into account the effectiveness of compensating controls and their ability to detect and/or prevent the exploits associated with the discovered vulnerabilities. They end up using uncontextualized vulnerabilities and information that leads to inaccurate prioritization which wastes time trying to push patches that do not always address the problem.
In order to simulate a full-scale attack, a company needs to go back to the reconnaissance stage, and look for all the organization's weaknesses and vulnerabilities. Cymulate's platform maps these, finds the weaknesses, and gathers all the initial intelligence information about the organization. ASM and VPT immediately improves Vulnerability Management programs through these identified exploitable assets and integrates with the VM platform to contextually prioritize the discovered vulnerabilities. By demonstrating in real-time which exploits can or cannot circumvent the cyber security controls, Cymulate reduces the overwhelming vulnerability scan results, down to an actionable, prioritized and manageable list.
"Our customers were facing an ongoing challenge of patching vulnerable assets," said Avihai Ben-Yossef, Co-Founder and CTO of Cymulate. "We looked at the possibility of acquiring a company that collects attack surface data for contextualizing the vulnerabilities presented by Cymulate, but after much research we saw that existing ASM solutions do not offer organizations the full coverage they need to optimally produce a contextualized vulnerabilities prioritizing list. We are proud to have developed a solution in-house that meets the needs of our customers."
"Security challenges have greatly intensified this past year, creating more daily problems for security teams to handle and stay on top of, however many lack the resources to deal with them," said Eyal Wachsman, CEO and Co-Founder of Cymulate. "Controlling the risk of vulnerability patching in line with the enterprise's security posture makes the difference between businesses losing a few minutes or hours of downtime versus days or months. Equally, enabling the visibility of higher risk penetration vectors, where attackers are most likely to start their campaigns from, is just as critical. With these additional capabilities, more customers find Cymulate solving multiple use cases as a holistic security posture validation platform."
Cymulate Attack Surface Management
Cymulate's Attack Surface Management technology emulates real attackers to identify digital assets (such as domains, IP addresses, and more), and assess their exploitability against the organization's security policies and solutions. With findings mapped to the MITRE ATT&CK® framework's TTPs (Tactics, Techniques, and Procedures), business enterprises can take the necessary mitigation steps. For more information click here.
Vulnerability Prioritization Technology
A record number of nearly 20,000 vulnerabilities were disclosed in 2020, of which 57% were classified as critical or high severity, yet patching remains a struggle for many organizations due to limited resources, complexity of legacy systems, inability to prioritize, and internal pressures. This new solution offered to security professionals and executives assesses the vulnerabilities' potential impact on the security posture and prioritizes which patches to implement, assuring business continuity.
Cymulate's VPT solution integrates with leading third-party vulnerability management solutions including Qualys, Tenable, Insight, and Microsoft Defender. The solution cross-references information on vulnerabilities provided by these vendors, with the analysis from Cymulate's security posture validation platform offering a practical view of compensatory security controls over unpatched vulnerabilities in the network.
Cymulate Continuous Security Validation platform enables companies to challenge, assess, and optimize their cyber-security posture against the evolving threat landscape, simply and continuously. The platform provides out-of-the-box, expert, and threat intelligence led RISK assessments that are simple to use for all skill levels, and constantly updated. It also provides an open framework for ethical hackers to create and automate red and purple team exercises, and security assurance programs tailored to their unique environment and security policies. Cymulate helps security professionals to know and control their dynamic environment.