Dec 23, 2019
TL;DR - The Next-Gen cyber-security revolution left one important field behind: Vulnerability Assessment. Vicarius is here to make things right
The first Anti Virus (AV) software that incorporated a signature-based approach to security was introduced back in 1987 by G Data Software.
Deterred, but only for a bit, hackers went on to develop on-the-fly malleable malware types that made signature-based detection obsolete. The good guys went back to the drawing board, and Next-Gen AV’s began to emerge.
27 years later a report titled 'APT 1' by Mandiant showed that both traditional and new AV vendors are shifting to signature-less systems. According to the report, new methods like behavioral detection, artificial intelligence (AI), machine learning (ML), and cloud-based file detonation are integrated into products instead.
The cyber-security revolution changed the way we see the world and the technologies used to protect it.
Back when malware was taking its baby steps, customers relied on one method - AV, but nowadays organizations have to design their cyber-security protocols around multiple products.
Two of the essential modules in such arrangements are Vulnerability Assessment (VA) and Vulnerability Management (VM) products.
The basics of VA & VM solutions are simple - third-party software is vulnerable, and security patches will protect it. VA & VM solutions will help you detect and manage unsafe products.
Vendors maintain giant lists of all known applications and versions (CPE) matched with their vulnerabilities (CVE) and the patches one needs to install to stay secure - a tactic very similar to the old AV methods.
Some products offer a slightly more sophisticated version - they focus on the secure development of products before their release. However, these systems are **still** based on public lists of vulnerable libraries.
Sweeping revolutions are happening everywhere on the technological spectrum. Data Loss Prevention (DLP) solutions reshaped as Next-Gen DLP introduced the new Content Disarm and Reconstruction (CDR) approach. The traditional Firewall became smarter with Web Application Firewall (WAF) and Runtime Application Self Protection (RASP). Everyone's sprinting forward except VA & VM - lagging behind like that kid with asthma from gym class.
It all comes down to deployment
VA & VM products wanted to be smooth and sexy - easy integration in the blink of an eye, so they avoided running agents. No running agents mean complete and utter oblivion to the activity and the binary changes of the applications you own. Cyber-security isn't a sprint, but a marathon and VA & VM are already exhausted at kilometer 3. Don't even get me started about real-time exploit detection.
So you're probably asking yourself - How can I understand what my software is doing? Where is the ML-based threat hunting? Patch-less client-side software protection? How can I keep my business safe?
Introducing Vicarius - Your watchdog against vulnerable applications. All missing parts - agent, agent-less, vulnerability compliance reports, ML-based binary assessment, trends detection, real-time software protection - are all built-in. Oh, and we're just getting started.
Wanna hear more? Ask!
Challenges of Cybersecurity AutomationKent Weigle May 07, 2021
Security Automation Best PracticesKent Weigle May 07, 2021
Part Human, Part Machine: Leverage Automation To Bolster Your DefenseKent Weigle May 07, 2021
Benefits of Automation in CybersecurityKent Weigle May 07, 2021
Will Automation Save the Security Team?Kent Weigle May 07, 2021