Exodus is excited to formally announce a strategic partnership with Kenna Security —a pioneer and leader in vulnerability management and risk assessment. The Kenna platform provides enterprises with a powerful view into their vulnerability profile, collected from vulnerability scanning tools, such as Qualys and Rapid7, and is further augmented by intelligence feeds.
Exodus Intelligence has unveiled the new Research Sponsorship Program (RSP), focused on acquiring vulnerability research and exploits from the global cybersecurity research community. While continuing to acquire Zero-Day research, the RSP is the first widely available acquisition program to offer bounties for exploits that exercise N-Day vulnerabilities.
Security analysts are in a daily struggle to understand their risk profile, constantly working to capture the state of their attack surface, assess the total risk that it presents and prioritize their efforts to mitigate those risks.
Here at Exodus, we have a unique view of the world, having analyzed a great number of enterprise-focus applications, as well as having worked with numerous application vendors. Through our work, we have become convinced that in order to really understand your risk profile, it’s critical for you to also understand where you are most vulnerable. You must know which corners of your network house applications with vulnerabilities for which there are no current patches.
Container-based deployments are becoming more and more common in the enterprise, with Docker usage doubling from 2015 to 2016. One of Docker’s primary strengths is the convenience it provides in packaging and distributing applications, their dependencies, and environments. Docker, Inc. provides an open-source container registry that many use as starting points for their containers, allowing one to create new containers that build on the work of others. However, the convenience of the Docker ecosystem comes at the cost of increasing the difficulty of knowing which applications and dependencies are within a Docker container, allowing administrators to unknowingly grow their org’s entire attack surface.
At Exodus Intelligence, we understand the priority of knowing whether containerized applications are vulnerable, so that steps can be taken to mitigate and reduce overall risk. To this end, we are pleased to announce our partnership with Twistlock—the leader in securing containerized applications, and noted as one of the “Top 20 Cyber Security firms to watch in 2016” by Dark Reading. In this partnership, Exodus Intelligence Zero-Day metadata becomes an integral intelligence source within Twistlock applications.
Offering allows enterprise customers to consume critical vulnerability metadata.
Austin, TX – July 26, 2016 – Exodus Intelligence, the leader in vulnerability discovery, analysis, and exploitation, today announced two new metadata subscriptions targeted at enterprise customers that need to understand the security posture of their clients and servers. Exodus is the first Vulnerability Research company to productize their research using an open standard, intended to be consumed by enterprises.
It’s been interesting to watch the cybersecurity industry evolve over the last two decades. I’ve seen radical shifts in actor behavior and sophistication, as well as industries’ ability to comprehend and address threats. With that in mind, it would be easy to build a picture of “doom and gloom”—given that everybody realizes that industry and government alike are not able to keep up.
What happened at Exodus Intelligence in the month of June? It’s all here, in the Exodus Intelligence June 2016 newsletter!
Our good friend, Dan Lamorena of Forescout Technologies, is creating a series of blogs centered around zero-days and IoT. In this series, he’ll be interviewing cybersecurity experts to discuss what they’re seeing out there in the “Wild, Wild West” of security.
The first blog post of the series is right here, with Logan Brown, President/Founder, and Ted Ross, CEO, of Exodus Intelligence. Logan has spent his career in security research finding vulnerabilities in commonly used software. Exodus has been around for four years now, and prior to that, Logan was at TippingPoint’s Zero Day Initiative. Ted has been in the industry for 27 years and brings experience from both a security practitioner and a threat intelligence background.
June 7-9, 2016, over 500 industry representatives met in Tallinn, Estonia to hear from top NATO officials to discuss key strategic challenges for NATO IT and to usher NATO-Industry cooperation forward; including, in the cyber domain. Ted Ross, Exodus Intelligence, CEO, participated in the NATO/NCIA Industry Executive Discussions that took place.
Read this newsletter to see what the month of May brought for Exodus Intelligence: a new training course is open for registration, new capabilities, a blog on how waiting for a patch can cost you the business, and new Twitter-handle updates. It’s all here, in the Exodus Intelligence May 2016 newsletter!