Cue yet another in the seemingly never ending string of Israeli cybersecurity startups making a dent on the world stage. Today’s example is Vulcan Cyber, a company coming out of stealth today and contemporaneously announcing a $4 million investment from that other bastion of the Israeli cybersecurity industry, YL Ventures.
Vulcan’s pitch is all about offering what it calls a Continuous Vulnerability Remediation Solution. What that means is that Vulcan integrates, automates and orchestrates existing tools and processes, in an effort to both eliminate risks and reduce any chance of downtime. To get a sense of the core proposition that Vulcan is offering, I took the opportunity to get some detailed information from Yoav Leitersdorf, founder of YL Ventures.
Q – What are the main challenges of Vulcan’s customers?
A – Organizations today are innovating and changing faster than ever, adopting new technologies and constantly upgrading existing ones. This speed of change, coupled with the ever-expanding number of vendor-disclosed vulnerabilities in today’s enterprise software stack and hackers who are constantly probing for the “low hanging fruit” of unfixed accessible vulnerabilities, creates a reality of continues risk.
Despite industry best efforts to mitigate this risk using MULTIPLE vulnerability assessment and patch managements tools, organizations find themselves facing a growing Vulnerability Remediation Gap. This gap, which often leaves vulnerabilities exposed for months which is caused by these factors:
Lack of exposure visibility throughout the entire technology footprint – The enterprise technology footprints includes desktops, on-perm and cloud servers, various 3rd party and opensource applications and a large codebase. Each part of the footprint is being scanned for vulnerabilities by multiple, different security scanning tools, and controlled by multiple, different IT management tools. The lack of connection between the different tools, and the amount of siloed data doesn’t allow enterprises to receive a clear view of their exposures level throughout deployed infrastructure and code.
Exposure prioritization is out of context – Vulnerability management platforms prioritize vulnerabilities based on their technical severity. The problem is vulnerabilities doesn’t live in a vacuum, and medium/low technical severity vulnerabilities can create severe risk exposure if they are for example as part of a global (marketing?) campaign, or if they are found on business-critical assets. As vulnerability management systems do not take context under account, a lot of manual work is being invested by enterprises to re-prioritize the vulnerabilities detected in their network (recent Ponemon institute research indicated that the average enterprise invests 321 hours per week for this process) – wasting precious resources and making prioritization mistakes which lead to exposure and eventual breaches.
Remediation itself is led by non-security teams – Once the prioritized vulnerability remediation plan is set, remediation steps are being managed and executed by IT, DevOps and R&D teams, not by security ones. Security teams must to communicate with other teams and compete for resources to drive vulnerability remediation at the expense of other business-related activities. The fact that security teams lack the understanding and view of IT, DevOps and R&D, and vice versa, creates enormous challenges throughout the vulnerability remediation process and drags it to take weeks and sometimes months and years.
Q – How easy it is to deploy Vulcan in the customer’s environment?
Vulcan was designed with ease of deployment in mind. Vulcan cyber is a cloud native solution, delivered as a service. Vulcan does not install agents, nor taps into network traffic. To install Vulcan, all the enterprise should do is provide the API and credentials for its vulnerability assessment and DevOps/IT tools, and a couple of minutes later the system starts running.
Q – Who are your main competitors?
Vulcan is a unique player in the vulnerability management space because it is the only vendor that provides a solution across both vulnerability assessment AND vulnerability remediation. Vulcan’s main competitors are cyber-risk companies, which approach vulnerability assessment and prioritization strictly based on threat intelligence. They include Kenna Security, NopSec, RiskSense, and others.
Q – What are the key differences between Vulcan and all other vulnerability management vendors?
In the vulnerability management market, vendors are focusing on detecting vulnerabilities rather than remediating them. Indications to this factor are found in every aspect of the traditional vulnerability management / cyber-risk management systems – the way vulnerabilities are being prioritized, the lack of remediation-related data in these systems, and the lack of connection to IT and DevOps tools.
Vulcan’s key advantage is in leveraging of unique cybersecurity knowledge together with DevOps and IT management data and expertise. The Vulcan platform, unlike other vulnerability management tools, integrates with both security assessment tools as well as DevOps and IT tools, allowing organizations to not only detect vulnerabilities but actually automate, orchestrate and validate the remediation process.
Vulcan is building the largest vulnerability remediation database, delivering actionable tools and solutions, which includes patches, automated scripts, and signatures, that can be used to remediate vulnerabilities. This proprietary data is available only for Vulcan customers.
MyPOV
It strikes me that the cybersecurity world is a complex and disconnected world. There are hundreds of vendors out there and, by and large, they’re all ticking a different box on the security checklist. Which takes us to the crux of the matter, whether it is time for a broad offering that covers the various different risk vectors. The rise of DevOps, the use of microservices and a general move to a far more complex and distributed deployment pattern make this issue all the more acute.
Alongside this more complex risk matrix, we have a hacker community that is always looking to do better (well, worse) and explore new and more complex vulnerabilities – all of these factors play into the hands of Vulcan and its value proposition.
That said, something that sounds really good conceptually does not necessarily translate well into market success and the key here will be for Vulcan to prove that a broad platform drives advantages, without reducing efficacy on point attacks. Time will tell how well they do there.