Virtualization Technology News and Information
Article
RSS
GreyNoise Introduces New Vulnerability Intelligence Solution

GreyNoise Intelligence introduced a new vulnerability intelligence solution that helps internal security teams more effectively manage their response and remediation to new vulnerabilities and exploits.  This new solution provides active, In-the-Wild (ITW) exploitation data to assist vulnerability management teams with patch prioritization and emergency response scenarios.

"GreyNoise now offers real-time insight into active ITW exploitation activity that no one else provides," said Ash Devata, CEO, GreyNoise.  "In doing so, it provides the missing link to help cybersecurity teams effectively prioritize critical patches and execute immediate countermeasures to new emerging vulnerabilities and exploits." 

Patching software is often disruptive and time-consuming, and introduces business risks such as service downtime, disruption to other priorities, and potentially lost revenue. In order to justify these risks, vulnerability management teams need clear and compelling data to illustrate the necessity of taking a system offline to implement a patch. Data that clarifies the likelihood of exploitation has become a critical consideration factor in making decisions about whether or not to immediately patch a system. 

"There are many existing vulnerability prioritization solutions that include information like ‘Known Exploits Available' or ‘In the Wild'  - the issue is that these attributes quickly become stale," said Corey Bodzin, Chief Product Officer, GreyNoise.  "Technically, a snippet of proof-of-concept code is an available exploit, but it isn't the same as a mass exploitation attack by a criminal organization.  A hard-to-exploit race condition that requires a lot of time and effort might be ‘In the Wild,' but that doesn't require the same urgency to fix as something an actor is actively exploiting today. Only GreyNoise can tell vulnerability teams which CVEs need attention now based on what attacks are actually happening today." 

GreyNoise is the first company to offer active, real-time ITW exploitation data, one of the most compelling evidence points to consider when determining the best course of defense against a specific vulnerability. This unique data serves as a very strong indicator about the likelihood of exploitation, and can be used to help cybersecurity teams not only quickly determine the criticality of a specific patch, but also convince cross-functional teams to take necessary action.

"Cybersecurity teams are constantly barraged by an increasing number of critical vulnerabilities that need to be patched. The industry needs a better way to identify which ones are truly critical and time-sensitive," said Andrew Morris, Founder and Chief Architect, GreyNoise Intelligence. "Providing high quality, real-time data about active ITW exploitation will not only help vulnerability management teams make better decisions about what fixes to prioritize, it will enable them to do a better job of defending against emerging threats more broadly."

GreyNoise provides clear and compelling data to help vulnerability management teams determine which patches are truly critical and time-sensitive.  By understanding active ITW exploitation patterns, teams can make decisions with a higher degree of confidence and implement immediate, effective countermeasures such as targeted and dynamic IP blocklist during exposure windows.

"In today's modern IT environments of increasing assets and attack surfaces, security teams are challenged with remediating an overload of vulnerabilities," said David Vance, Senior Analyst, Enterprise Strategy Group. "Addressing the most impactful vulnerabilities on the highest risk assets is crucial to effectively managing cyber risk posture. The new GreyNoise solution goes beyond aggregation of threat intelligence data - it provides real-time intelligence on what is actively happening in the wild by collecting data through its vast global network of sensors. Security teams can incorporate this intelligence into their vulnerability management process to make accurate, impactful decisions to prioritize needed vulnerability remediation and minimize overall risk to their business."

Published Friday, August 02, 2024 7:43 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<August 2024>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
25262728293031
1234567