We’ve been busy.
In the fast-paced and ever-evolving world of cyber security, Vulcan Cyber made significant strides in the summer of 2023, recognized formally as we were named a winner of the SINET16 Innovator Award (more on that below).
Here’s a roundup of the critical developments that have marked this season as a pivotal period for Vulcan Cyber:
AI Package Hallucination: Navigating the perils of generative AI platforms
Despite the industry buzz surrounding the integration of ChatGPT remediation recommendations into various platforms, Vulcan Cyber has decided to tread cautiously. This decision comes after our Voyager18 research team uncovered a potentially perilous attack technique we’ve named “AI Package Hallucination“.
This approach leverages the tendency of generative AI platforms like ChatGPT to sometimes produce hallucinated sources and recommendations, including non-existent packages, in their responses. Attackers can exploit this by reverse engineering the prompts to receive a recommendation for an unpublished package, and then create and publish a malicious package under the same name.
On-demand webinar: AI Package Hallucination – A New Supply Chain Attack Technique to Watch
Attack Path Graphs: Visualizing vulnerabilities
Building upon our dedication to offering state-of-the-art solutions, we have introduced the Vulcan Cyber Attack Path Graphs (APG) feature, a groundbreaking functionality currently in private beta. This feature aids enterprise vulnerability management teams in understanding and visualizing the interconnected risks in their digital environments.
The APG feature enables you to visually map how an attacker could exploit vulnerabilities in your network to reach high-value targets, or “crown jewels.” This representation not only prioritizes risk in a more intuitive way but also shows risk in the context of the particular organization, facilitating an understanding of how minor vulnerabilities can escalate into significant risks.
On-demand webinar: Prioritize and Mitigate Cloud Vulnerability Risk with Attack Path Modeling
MITRE ATT&CK Mapper: Advancing vulnerability management through data science
As the cyber security industry progressively adopts the MITRE ATT&CK framework, Vulcan Cyber is at the forefront, reinforcing the critical need to integrate risk-based vulnerability management with insights from this standardized structure. The goal is to achieve an expansive visibility and control over the CVEs landscape, paving the way for a more secure digital ecosystem.
Our recent white paper and tool showcase the innovative strides taken by the Vulcan Cyber Voyager18 research team. Utilizing machine learning and textual analysis, the team successfully mapped pertinent mitigation techniques to CVEs, fostering a smarter and more predictive approach to identifying and countering potential threats. This integrative strategy is set to redefine how we approach vulnerability management, moving beyond traditional frameworks to a more holistic and data-driven paradigm.
Through this initiative, Vulcan Cyber intends to set a precedent in the industry, advocating for a more comprehensive, analytical, and proactive approach to securing digital infrastructures. Stay tuned for more updates as we delve deeper into this integration, promising a revolutionary shift in vulnerability management strategies.
Quarterly Vulnerability Watch: A comprehensive overview of emerging threats
In our commitment to keeping enterprises one step ahead of potential cyber threats, we have presented the Quarterly Vulnerability Watch, a meticulous report spotlighting significant vulnerabilities that have emerged in the recent quarter. This resource aims not only to inform but also to equip organizations with actionable insights that can significantly enhance their vulnerability risk management practices.
Beyond just presenting the technical details surrounding these CVEs, the report goes a step further. It offers a comprehensive analysis that incorporates data about the Exploitability Score (EPSS) and listings from the Cybersecurity and Infrastructure Security Agency (CISA) catalog among other crucial metrics. This approach ensures a deeper understanding of each vulnerability, extending beyond the standard Common Vulnerability Scoring System (CVSS) severity rating.
By offering a well-rounded view of the potential repercussions of these vulnerabilities, Vulcan Cyber seeks to foster a culture of informed decision-making among organizations. The Quarterly Vulnerability Watch is not just a report; it is a tool for organizations to sharpen their defenses, adopting strategies that are both robust and informed.
SINET16 Innovator Award: A testament to innovation and excellence
In a testament to our innovative strides in the cyber security space, Vulcan Cyber has been named a SINET16 Innovator for 2023. This prestigious award, bestowed annually, recognizes the 16 most innovative and promising companies in the cyber security landscape worldwide.
After a rigorous evaluation of hundreds of emerging companies globally, Vulcan Cyber stood out and was invited to showcase our solutions and products, further solidifying our position as a leader in cyber asset and vulnerability risk management. This award marks a significant milestone in our journey, reflecting our relentless commitment to pioneering cyber security solutions that safeguard organizations globally.
As we step into the latter part of 2023, we remain committed to advancing our technologies and strategies to keep organizations safe in an increasingly digital world. Our recent developments, and accolades from SINET16, affirm our position as a thought leader in the cyber security landscape.
Forrester Wave report: Vulcan Cyber named an RBVM leader
We’re happy to announce that the latest Forrester Wave™: Vulnerability Risk Management, Q3 2023, has been released by Forrester Research, offering the first insights of this kind in more than four years. And we’re proud to share that Vulcan Cyber is one of the two entities recognized as Leaders in this important evaluation.
The Forrester Wave is a research methodology and report structure employed by the renowned global research and advisory firm, Forrester Research. It is widely utilized to assess and contrast different technology or service providers within a specific sector or market segment.
Vulcan Cyber’s designation as a Leader in this Forrester Wave stems from a thorough assessment based on 28 criteria, classified under Current Offering, Strategy, and Market Presence. In the Current Offering category, Vulcan Cyber achieved the maximum scores possible in the following areas:
- Time-to-value
- Insights and Customization of Prioritization
- Business Contextualization
- Instructions for Remediation
- Out-of-the-box Reporting
- Exceptions
You can read the full report here.
There’s more
We’re just getting started. With new features in our platform, another CyberRisk summit on the horizon, and further in-depth research from our Voyager18 team, we’re hard at work to deliver industry-leading cyber risk management solutions for our industry.
Want to see what we’ve been up to? You can check out a demo of our platform here.