Sevco Security and VulnCheck announced a strategic partnership. In conjunction with
the partnership, Sevco launched significant enhancements to its
vulnerability prioritization and exposure management capabilities by
integrating VulnCheck's unparalleled exploit and vulnerability
intelligence with the Sevco platform. The companies will demonstrate
their integration at Black Hat USA in Las Vegas, August 7-8, 2024.
Sevco provides the most comprehensive visibility into an organization's
attack surface and the assets in its IT environment. The Sevco platform
consolidates CVEs from the many sources that report them and uncovers
environmental vulnerabilities to improve the efficacy of vulnerability
management programs. Through its partnership and integration with
VulnCheck, Sevco enriches CVEs with VulnCheck data, providing
organizations with the most comprehensive view of vulnerabilities and
their potential for weaponization or exploitation in the wild. Through
enhancements to the Sevco Unified Vulnerability Dashboard, security
teams now have the deepest contextual understanding of their
vulnerability risks.
"With the exploitation of vulnerabilities increasing 180% over the past year,
organizations must mature their vulnerability management programs as a
strategic priority," said J.J. Guy, co-founder and CEO at Sevco
Security. "Our partnership with VulnCheck enables us to significantly
build on the vulnerability hunting capabilities in the Sevco platform by
adding the most complete exploit intelligence on the market. The
combination gives security teams the only real-time threat visibility
for software assets, enabling them to act faster and smarter in
remediating vulnerabilities."
The Sevco-VulnCheck partnership enables organizations to accelerate the
maturity of their vulnerability management programs by providing the
following foundational elements:
-
Complete Asset Inventory - Sevco's security asset inventory
automatically provides security teams a complete and accurate view of
devices - and the agents used to manage them - that is essential for
understanding where vulnerabilities could be hiding.
-
Vulnerability Consolidation & Prioritization - Sevco
consolidates vulnerabilities from any source that reports them into one
platform, and VulnCheck provides the exploitation intelligence
vulnerability management programs can use to triage and prioritize
vulnerabilities.
-
Remediation, Validation and Reporting -- Sevco provides
extensible asset data to combine business-related context with the
vulnerability and exploit intelligence from VulnCheck to determine, act,
and report on the risk specific to each organization.
The Sevco platform aggregates, de-duplicates and correlates asset data
from multiple technology silos in real time and presents information
through its Unified Vulnerability Dashboard. This includes vulnerability
data from customers' existing tools, including Tenable, Cisco VM/Kenna,
CrowdStrike, Qualys, Fortra, Rapid7, SentinelOne and Nessus. These
sources, however, only cover a fraction of vulnerabilities in the wild
and lack critical information such as CVSS scores or Known Exploited
Vulnerabilities (KEVs).
The integration of VulnCheck provides more than 300 million unique data
points from 400+ sources to autonomously enrich the aggregated and
deduplicated vulnerabilities in the Sevco platform. VulnCheck covers
over 80% more exploited vulnerabilities in the wild than the CISA KEV,
and on average notifies users 27 days earlier than CISA and 14 days
faster than NIST NVD.
"Enterprise systems have evolved to the point where security teams
demand the fastest threat data to defeat adversaries and reduce risk,"
said Anthony Bettini, founder and CEO at VulnCheck. "At the same time,
effective vulnerability management requires a comprehensive and accurate
asset inventory that is updated in real time. The combination of Sevco
and VulnCheck enables enterprises to continuously discover and analyze
across all assets to identify vulnerable conditions before an attacker can exploit them."