New!!! Try out our free CVE database center and stay up to date with CVE threats.

Start Researching

Patch-less Vulnerability Management

Better protect against software vulnerabilities in your  Operating Systems

0%
of cyber attacks result from
Software Vulnerabilities Software
Vulnerabi
lities
Software Vulnerabilities Software
Vulnerabi
lities
SoftwareVulnerabilities SoftwareVulnerabilities
TOPIA

Topia

Efficiently Reduce Organizational Security Risk

With hundreds of new software and OS vulnerabilities detected each month, productive use of your patching time is essential. Reducing organizational security risk can be strenuous, but with TOPIA’s vulnerability assessment toolbox, you get smart prioritization and safe remediation—with or without a security patch. TOPIA allows security teams to apply a consistent, comprehensive, and clear approach to identifying and resolving security threats and risks.

TOPIA
image

All-in-one
Vulnerability Assessment

A single agent that analyze, prioritize, and remediate cyber threats before they're exploited. TOPIA's is a unified cloud-based cost-effective vulnerability assessment tool.TOPIA is actively identifying risks and eliminates threats using proprietary xTags™ and Patchless Protection™ that go beyond traditional vulnerability management.

#Solution
#Solution
image

TOPIA Solution

image

Asset Inventory

Take control with TOPIA’s cloud-based, real-time visibility and get an exhaustive catalog of active servers and workstations. Accurate knowledge of your organization’s digital footprint is key for effective security control. It’s never been easier to manage assets at any scale.

image

Threat Analysis and Prioritization

Focus on the vulnerabilities that affect you the most. With real-time, contextual app vulnerability and asset-risk analysis combinations, TOPIA maps your digital environment to help you prioritize current vulnerabilities for mitigation and detect new ones.

image

Patch Management

Efficiently reduce organizational security risk with TOPIA’s integrated patch deployment tools. TOPIA allows you to quickly test and install patches across your organization’s assets while maintaining transparency between departments. Taking active steps toward remediation., leveraged by IT and security teams to assess and improve your threat mitigation and prevention processes.

image

Patchless protection

With TOPIA's Patchless Protection™ deploys a force field around your most vulnerable assets using in-memory protection. TOPIA ensures your assets are always protected, even when a patch has not yet been prepared, tested, or deployed.

image

TOPIA
Unified Vulnerability Management

TOPIA continuously analyzes vulnerabilities, prioritizes threats, and protects vulnerable assets in real-time so your team can focus on getting more done.

#Analyze

#Prioritize

#Act

01
# Analyze
  • App & OS Auto Recognition
  • App Real-time Threat Analysis
  • Asset Real-time Threat Analysis
02
# Prioritize
  • Auto Prioritization Engine
  • Asset Risk Analysis
  • xTags ™
  • 0-Day Analysis
03
# Act
  • Recommended Action Engine
  • Real-Time Security Patch Management
  • Patchless Protection ™
Trusted by
Trusted by
  • Oshri Cohen

    CISO

    image
  • Ivo Dimitrov

    CISO

    image
  • Stefania Costa Cirillo

    IT Manager

    image
  • Merge Security & IT to Remediate Threats

    Vicarius’s TOPIA enabled Adama to centralize and consolidate work between IT and security teams, leading to a more efficient patching workflow.

  • Close Patching Windows to Reduce Exposure

    Vicarius's advanced technology was able to protect us during the most vulnerable moment in our patching cycle. TOPIA kept VIP Security safe between patching windows with its proprietary Patchless Protection™ technology.

  • Straightforward and Easy

    Vicarius's proactive solution was able to predict threats across our organization faster and better than any other solution. TOPIA's cloud-based environment provided Telit with immediate feedback on their remediation efforts, critical for the new work-from-home (WFH) paradigm.

Join Live Demo

Monday

at

12:00

PM UTC+00:00

Join our weekly webinar where we discuss topics related to cybersecurity and vulnerability management.

#Research
Center

Recent CVEs

CVE-2019-8639

8.8
CVSS
a day ago

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8638

8.8
CVSS
a day ago

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8838

7.8
CVSS
a day ago

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.

CVE-2019-8837

7.8
CVSS
a day ago

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A malicious application may be able to access restricted files.

CVE-2019-8836

7.8
CVSS
a day ago

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.

CVE-2019-8633

7.5
CVSS
a day ago

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory.

CVE-2019-8631

7.5
CVSS
a day ago

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3. Users removed from an iMessage conversation may still be able to alter state.

CVE-2019-8618

7.5
CVSS
a day ago

A logic issue was addressed with improved restrictions. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A sandboxed process may be able to circumvent sandbox restrictions.

CVE-2019-8582

5.5
CVSS
a day ago

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory.

CVE-2018-4339

5.5
CVSS
a day ago

This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.

CVE-2020-7755

7.5
CVSS
a day ago

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values.

CVE-2020-7754

7.5
CVSS
2 days ago

This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.

CVE-2020-23945

7.5
CVSS
2 days ago

A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.

CVE-2020-10256

9.8
CVSS
2 days ago

An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.

CVE-2020-6023

7.8
CVSS
2 days ago

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.

CVE-2020-23864

7.8
CVSS
2 days ago

An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder.

CVE-2020-8579

7.5
CVSS
2 days ago

Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).

CVE-2020-6022

5.5
CVSS
2 days ago

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.

CVE-2020-7753

7.5
CVSS
2 days ago

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

CVE-2020-27183

9.8
CVSS
2 days ago

A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015 allows attackers to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact.

CVE-2020-27180

7.5
CVSS
2 days ago

konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter.

CVE-2020-27181

6.5
CVSS
2 days ago

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.

CVE-2020-27182

6.1
CVSS
2 days ago

Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone before 2020.015 allow remote attackers to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp, ixedit/editor_component.jsp, or the login form.

CVE-2020-8956

3.3
CVSS
2 days ago

Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.

CVE-2020-15272

9.6
CVSS
2 days ago

In the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. The problem has been patched in version 1.0.1. If you don't use the `tag` input you are most likely safe. The `GITHUB_REF` environment variable is protected by the GitHub Actions environment so attacks from there should be impossible. If you must use the `tag` input and cannot upgrade to `> 1.0.0` make sure that the value is not controlled by another Action.

image

Don't Wait Until It's Too Late

Powerfully protect your OS and third-party applications starting today.