Most security leaders feel their programs are mature, but data reveals otherwise

84% of security and IT leaders feel their enterprise programs are mature, but a deeper dive reveals a major disconnect between perception and reality, Vulcan Cyber reveals.

“We already know most enterprise programs are immature – we see it every day in the field. What caught us off guard was that the vast majority of respondents felt otherwise,” said Yaniv Bar-Dayan, CEO of Vulcan Cyber.

“Given the amount of breaches caused by known, unpatched vulnerabilities, that reveals a surprising disconnect that merits a closer look. So we mapped the survey data to our maturity model – the only way to raise the bar for vulnerability management is to show IT leaders how to transition their programs from managing vulnerabilities to remediating them.”

Key research findings

  • The most mature elements of enterprise vulnerability management programs are vulnerability scanning (72%), followed by the effective use of vulnerability remediation tools (49%) and vulnerability prioritization (44%).
  • The three least-mature elements are orchestrated, collaborative remediation (48%), continuous, automated remediation (48%) and business alignment around cyber hygiene objectives (31%). This indicates that vulnerability management processes are siloed, ad-hoc, and inefficient, calling into question their ability to produce outcomes that actually remediate vulnerabilities and secure IT.
  • 89% of security and IT teams say they spend at least some time collaborating with cross-functional teams to remediate vulnerabilities, with 42% reporting they spend “a lot” or “too much” (7%) time every week working with other teams. A notable 83% of companies that said they spend too much time collaborating with other teams have 500-1,000 employees.
  • Roughly 50% of IT and security teams share responsibility for key remediation functions (identifying vulnerabilities, prioritization, crafting remediation strategies, deploying patches and remedies, etc.), revealing an opportunity to facilitate more effective and efficient collaboration by clearly defining the division of labor.

“Vulnerability scanning and prioritization are essential functions, but they are the bare minimum – not what constitutes a mature program,” Bar-Dayan continues.

“In our experience, program bottlenecks are further along in the remediation lifecycle, stemming from inefficient cross team collaboration. Changing that requires organizations to update and automate their remediation processes. It’s a serious undertaking, but one that transforms vulnerability management programs into a powerful lever for shrinking security debt and strengthening the company’s security posture.”

Vulcan Cyber now offers customizable vulnerability prioritization for efficient vulnerability remediation

Vulcan Cyber, developers of the industry’s only end-to-end vulnerability remediation platform, announced customers can now add custom risk parameters to existing Vulcan Cyber vulnerability prioritization algorithms for efficient vulnerability remediation.

With the addition of custom risk scripts, Vulcan Cyber is first to help security and IT operations teams run more targeted, end-to-end vulnerability remediation campaigns contextualized to the risk appetite of their business.

Traditional approaches to vulnerability risk prioritization focus on inputs such as CVSS severity and threat intelligence but lack critical business context. Remediation teams using Vulcan Cyber already have an advantage with the ability to enhance basic vulnerability risk scores weighted with business asset data.

With this release, Vulcan Cyber customers can now take vulnerability prioritization a step further using customizable risk parameters. The Vulcan Cyber vulnerability remediation platform integrates these inputs to deliver business-relevant vulnerability prioritization combined with streamlined remediation.

Sounil Yu, former Bank of America chief security scientist, and YL Ventures CISO in residence, said, “Risk-based vulnerability prioritization has become an essential best practice, but most companies rely on models that only incorporate the severity of the vulnerability. Some go further and also factor in threats against that vulnerability.

“The Vulcan Cyber approach goes two steps further. First, it delivers systematic and automated inclusion of business impact, which often is the most influential factor that drives vulnerability prioritization.

“Second, Vulcan Cyber actually fixes the vulnerability based on their remediation intelligence knowledgebase and the prioritization offered by a more precise and accurate risk model. Until now tools in this space have only told us what to fix. With Vulcan Cyber it gets fixed.”

Yaniv Bar-Dayan, Vulcan Cyber co-founder and CEO, said, “Every business has a unique appetite for risk. To apply a universal, often-irrelevant scoring model to vulnerability prioritization is inefficient at best, dangerous at worst.

“Vulnerabilities permeate dynamic infrastructure and application environments with myriad risk vectors that CVSS scores and threat intelligence alone can’t account for. The addition of custom risk parameters to business asset context allows our customers to apply their own unique risk profiles to the work of vulnerability remediation.”

Precise vulnerability prioritization requires each vulnerability instance to be addressed within the context of business risk. The same vulnerability, if exploited on two different servers, will impact connected environments in different ways.

Most vulnerability management teams today prioritize remediation based exclusively on external factors such as severity or exploitability. While useful, these inputs lack business context and fall short. The Vulcan Cyber risk algorithm calculates vulnerability priority based on:

  • Technical severity – CVSS or other vulnerability-specific scores.
  • Threat intelligence – Exploits, malware, hacking campaigns, and TI in the wild.
  • Business criticality – Unique breach impact to the organization and its business assets.

Prioritization scores generated by the Vulcan Cyber platform can now be further manipulated by remediation teams applying custom-weighted attributes to the risk model’s algorithm.

The Vulcan Cyber vulnerability prioritization engine is dynamic and allows security and IT operations teams to use custom risk scripts to efficiently remediate vulnerabilities and secure digital business.

Customizable Vulcan Cyber vulnerability prioritization is now generally available through the Vulcan Cyber remediation orchestration SaaS platform.

10 hot industry newcomers to watch at RSA Conference 2020

The RSA Conference Early Stage Expo is an innovation space dedicated to promoting emerging talent in the industry. Here are some of the most exciting companies exhibiting innovative products and solutions, which you can see in person in the San Francisco Ballroom, Moscone South, Level 2.

Abnormal Security

Abnormal Security stops targeted email attacks. Abnormal Behavior Technology models the identity of both employees and external senders, profiles relationships and analyzes email content to stop attacks that lead to account takeover, financial damage and organizational mistrust. Abnormal sets up in minutes with Office 365 and G Suite, has no end-user friction, and does not disrupt email flow.

We talked with Evan Reiser, CEO of Abnormal Security, about how layering diverse defenses is crucial for stopping email attacks.


Armorblox

The Armorblox platform uses natural language understanding and deep learning to analyze content, context, and metadata on all business communications. Armorblox protects against targeted email attacks, prevents accidental or malicious data disclosure, and stops insider threats.

We interviewed Armorblox CEO Dhananjay Sampath about thwarting email-based social engineering attacks.


BluBracket

BluBracket is the first comprehensive security solution for code in the enterprise—so developers can innovate and collaborate, and security teams can sleep at night. Using BluBracket, companies can view, monitor and secure their code, without altering developer workflow.


Fuzzbuzz

Fuzzbuzz is a fuzzing platform and set of tools that enables dev & sec teams to effortlessly find severe bugs and vulnerabilities by integrating fuzzing into the SDLC. Fuzzbuzz saves developer time by eliminating false positives, ensuring bugs are never reintroduced, and automatically generating fuzz harnesses.

K2 Cyber Security

K2’s Next Generation Application Workload Protection Platform protects web and binary applications from attacks. K2’s deterministic approach eliminates false positives and provides runtime protection against OWASP Top 10 attacks.

Using proprietary OCFI technology to create a DNA map of each application, K2 provides the exact location of a vulnerability, saving significant time and effort.


Kindite

Kindite assembled a unique set of confidential computing technologies into a single data-protection platform, which ensures data is encrypted end-to-end, even while being processed. Kindite’s platform keeps the encryption keys within the organization’s trusted environment, creating a true zero-trust relationship with any infrastructure while maintaining full business continuity.


LevelOps

LevelOps is an application security platform that helps security teams manage the security lifecycle, across multiple products and from requirements to operations. LevelOps integrates with existing tools in your SDLC and provides a way for security teams to scale, without compromising engineering velocity.


Shujinko

Shujinko brings cloud compliance know-how together with automation to make compliance and audits fast and easy. Shujinko helps teams prepare confidently for an audit by automating most of the technical controls that are error-prone to set up in a compliant way, as well as the evidence collection and documentation that take thousands of hours to complete.


vFeed

The vFeed correlation algorithm analyzes a plethora of scattered vendor advisories and third-party sources, then standardizes the content with respect to industry open security standards.

Vulcan Cyber

Vulcan Cyber is a vulnerability remediation and orchestration platform that is modernizing the way enterprises reduce cyber risk. With its remediation-driven approach, Vulcan automates and orchestrates the vulnerability remediation lifecycle, enabling security, operational and business teams to effectively remediate cyber risks at scale.

RSA Conference announces finalists for Innovation Sandbox Contest 2020

RSA Conference announced the 10 finalists for its Innovation Sandbox Contest 2020. The competition calls on the most promising young companies in cybersecurity to showcase their transformative technologies to a panel of judges and live audience at RSA Conference 2020 in San Francisco. Past winners include Imperva, Phantom, and most recently, Axonius.

On Monday, February 24, the finalists will present a three-minute pitch followed by a question-and-answer round as they battle on stage for the title of “Most Innovative Startup.” The renowned panel of expert judges includes:

  • Asheem Chandna, Partner, Greylock Partners
  • Scott Darling, President, Dell Technologies Capital
  • Dorit Dor, VP Products, Check Point Software Technologies
  • Patrick Heim, Partner and CISO, ClearSky
  • Paul Kocher, Researcher and Entrepreneur

Dr. Herbert (Hugh) Thompson, Program Committee Chair of RSA Conference, will return to host the contest.

The Innovation Sandbox Contest 2020 finalists (in alphabetical order) are:


AppOmni

AppOmni is a leading software-as-a-service (SaaS) security and management platform providing data access visibility, management, and security of SaaS solutions. AppOmni’s patent-pending technology deeply scans APIs, security controls, and configuration settings to secure mission-critical and sensitive data.

BluBracket

BluBracket is an enterprise security solution for code in a software-driven world. BluBracket gives companies visibility into where source code introduces security risk while also enabling them to fully secure their code—without altering developer workflows or productivity.

Elevate Security

Elevate Security solves for the human element. Using data companies already have, Elevate Security scores employee risk based on their security actions, showing actionable trends while delivering personalized communications that nudge employees to better security habits.


ForAllSecure

ForAllSecure aims to secure the world’s software. Using patented technology from CMU research, ForAllSecure delivers a next generation fuzzing solution to Fortune 1000 companies in telecom, aerospace, automotive and more. DARPA named ForAllSecure a Cyber Grand Challenge winner and MIT Tech Review named it one of the 50 Smartest Companies.

INKY Technology

INKY is an industry leader in mail protection powered by unique computer vision, artificial intelligence, and machine learning. The company’s flagship product, INKY Phish Fence, uses these novel techniques to “see” each email much like a human does, to block phishing attacks that get through every other system.

Obsidian Security

Obsidian Cloud Detection and Response delivers frictionless security for SaaS. Using a unique identity graph and machine learning, Obsidian stops the most advanced attacks in the cloud. Unified visibility across applications, users, and data provides threat detection, breach remediation, and security hardening with no production impact.

is a leader in AI-powered PrivacyOps. Its solution automates privacy compliance with patent-pending People Data Graphs and robotic automation. It enables enterprises to give rights to people on their data, comply with global privacy regulations and build trust with customers.


Sqreen

Sqreen is the application security platform for the modern enterprise. Organizations of all sizes trust Sqreen to protect, observe and test their software. As opposed to pattern-based approaches, Sqreen analyses in-app execution in real time to deliver more robust security without compromising performance.

Tala Security

Tala safeguards the modern web against client-side risk. Tala’s AI-driven analytics engine continuously interrogates site architecture to work in concert with an advanced automation engine that activates standards-based security to prevent a broad range of client-side attacks like Magecart, XSS, session redirects, and client-side malware.

Vulcan Cyber

Vulcan is a vulnerability remediation and orchestration platform that is modernizing the way enterprises reduce cyber risk. With its remediation-driven approach, Vulcan automates and orchestrates the vulnerability remediation lifecycle, enabling security, operational and business teams to effectively remediate cyber risks at scale.

“The RSAC Innovation Sandbox has catapulted young companies to success for well over a decade. In fact, the top 10 finalists have collectively seen 48 acquisitions and raised $5.2 billion in investments to-date,” said Linda Gray Martin, Senior Director and General Manager, RSA Conference. “But what’s really exciting is how the competition has propelled the entire cybersecurity community forward by encouraging much-needed innovation and collaboration in an industry that faces new changes, threats and challenges every day. This year’s finalists will undoubtedly make for a tough decision for the judges and a must-see event for RSA Conference attendees.”

The contest kicks off at 1:30 PM PT on February 24 at the Moscone Center and winners will be announced at 4:30 PM that same day.