Sevco Security unveils new vulnerability hunting capabilities to assess, track, prioritise security risks
Austin, Texas – Sevco Security, a cloud-native cyber asset attack surface management (CAASM) platform provider, has announced new vulnerability hunting capabilities. Organisations can use Sevco’s cloud-native asset intelligence platform to continuously hunt, assess, and track security risks to information systems and security procedures to proactively prioritise response efforts.
Current vulnerability management activities are limited in scope, infrequent and siloed. They are typically associated with CVEs, whereas misconfigurations and unprotected devices and users present equally dangerous vulnerabilities for attackers to exploit. When security programmes address the full scope of an organisation’s vulnerabilities, it’s often handled as a one-off or periodic security risk assessment that almost immediately becomes stale. In addition, legacy assessment tools only provide narrow views of security risk and don’t enable security analysts to search across asset classes to gain context for uncovering security risk vulnerabilities.
Sevco’s Asset Intelligence Platform augments and enhances current point-in-time practices such as penetration testing by giving broader, continuous visibility of the entire organisation’s security landscape. Using Sevco as a primary solution to discover and analyse all assets greatly strengthens existing vulnerability management and assessment programmes.
“An organisation-wide vulnerability management programme is far more than just a security assessment, periodic penetration test, or patch management programme,” says J.J. Guy, co-founder and CEO of Sevco Security. “The best approach for managing vulnerabilities — those security risks across your environment — is to use an ongoing and proactive process that regularly hunts for, prioritises, and addresses security risks in your information system, system security procedures, and internal controls.”
Sevco Security’s patented 4D asset intelligence correlation engine gives organisations the understanding of their IT asset inventory across the four dimensions of length, breadth, depth and time. This provides security teams with the full context of managed and unmanaged assets (devices, users, applications) across IT, public/private cloud, IoT devices, operational technology (OT), supply chain, contractors, and remote users, which is critical to proactive vulnerability hunting.
For example, the Sevco CAASM platform enables security teams to identify devices that don’t have patch management software installed or aren’t connected to handle a response effort when a zero-day threat emerges. In addition, Sevco delivers the context to proactively hunt for gaps in devices and systems that are missing security controls such as EDR and segmentation, as well as view the identity of the device owner to assess risk level.
Sevco Security will demonstrate its vulnerability hunting capabilities and the 4D Asset Intelligence platform at the Gartner security and risk management summit in National Harbor, MD, June 5-7, 2023. To schedule a briefing, please contact hello@sevcosecurity.com. For more information on the Sevco platform, please download the datasheet.
Comment on this article below or via Twitter @IoTGN