News
Cymulate Expands End-to-End Security Posture Validation Capabilities with Vulnerability Prioritization Technology and External Attack Surface Assessment
September 2021 by Marc Jacob
Cymulate announced the launch of two new solutions to enable businesses to validate their security technologies and policies. Attack Surface Management (ASM) discovers exploitable external assets, and Vulnerability Prioritization Technology (VPT) that integrates with vulnerability scanners to reduce risk exposure time on internal assets. These new offerings empower security teams to efficiently prioritize vulnerabilities and mitigation steps, ensuring shorter time to remediation.
With the exponential increase in Common Vulnerabilities and Exposures (CVEs), organizations are in a constant race to discover, prioritize and remediate vulnerable assets. Current vulnerability management platforms do not take into account the effectiveness of compensating controls and their ability to detect and/or prevent the exploits associated with the discovered vulnerabilities. They end up using uncontextualized vulnerabilities and information that leads to inaccurate prioritization which wastes time trying to push patches that do not always address the problem.
In order to simulate a full-scale attack, a company needs to go back to the reconnaissance stage, and look for all the organization’s weaknesses and vulnerabilities. Cymulate’s platform maps these, finds the weaknesses and gathers all the initial intelligence information about the organization. ASM and VPT immediately improves Vulnerability Management programs through these identified exploitable assets and integrates with the VM platform to contextually prioritize the discovered vulnerabilities. By demonstrating in real-time which exploits can or cannot circumvent the cyber security controls, Cymulate reduces the overwhelming vulnerability scan results, down to an actionable, prioritized and manageable list.
Cymulate Attack Surface Management
Cymulate’s Attack Surface Management technology emulates real attackers to identify digital assets (such as domains, IP addresses and more), and assess their exploitability against the organization’s security policies and solutions. With findings mapped to the MITRE ATT&CK® framework’s TTPs (Tactics, Techniques and Procedures), business enterprises can take the necessary mitigation steps.
Vulnerability Prioritization Technology
A record number of nearly 20,000 vulnerabilities were disclosed in 2020, of which 57% were classified as critical or high severity, yet patching remains a struggle for many organizations due to limited resources, complexity of legacy systems, inability to prioritize and internal pressures. This new solution offered to security professionals and executives assesses the vulnerabilities’ potential impact on the security posture and prioritizes which patches to implement, assuring business continuity.
Cymulate’s VPT solution integrates with leading third-party vulnerability management solutions including Qualys, Tenable, Insight and Microsoft Defender. The solution cross-references information on vulnerabilities provided by these vendors, with the analysis from Cymulate’s security posture validation platform offering a practical view of compensatory security controls over unpatched vulnerabilities in the network.
