poor patch management.
143 million records compromised
as a result of a software vulnerability
in Apache Struts.
global data breaches by 2019.
vulnerable to Spectre Security vulnerability.
Today's challenges in
addressing cyber threats
High velocity of threats across multiple sources
Finding a needle in a haystack or get to know "is this threat important for me"
Identifying assets that are impacted
Vulnerability data and security functions are centralized
Delays at every stage in managing threat lifecycle
- 24×7 machine curated threat intel across software and hardware stacks
- Filter based on relevance
- Build correlation between vulnerabilities and business services
- Decentralize sharing of vulnerability intelligence across business functions
- Track vulnerability lifecycle from early warnings to severity updates, exploits, workarounds and patches
- Zero touch threat protection for your business services, on-premise and cloud footprint
- Integrate with popular ecosystems and tools like ServiceNow, Splunk, JIRA, Slack for automated vulnerability management
Tailored Vulnerability Intel
Every day the long tail of vulnerabilities keeps growing. Understanding whats relevant for your environment without loss of focus is critical for effective mitigation. ThreatWatch does just that so that your security analysts and operations staff can focus on the most relevant threats.
Superior Coverage of Vulnerabilities
Hundreds of different software and hardware stacks, open source libraries running on multitude of different operating systems get exposed to vulnerabilities each day. You can rely on ThreatWatch for its ever growing coverage of threats that matter to you. ThreatWatch covers a broad spectrum from vulnerabilities in micro-processors, kernel and operating systems to content management systems, ERP solutions, dev ops tools, networking gear, pen source software and much more.
Timing is of essence for pro-active security measures. Every few hours vulnerabilities are getting uncovered and its hours and minutes that matter when it comes to building a strategy to deal with them on a daily basis.
Instant Impact AnalysisHow does a threat impact me?
Understanding the vulnerability impact requires a very nuanced approach with careful consideration of the overall context , operating environment and overall risk appetite of the organization. ThreatWatch looks beyond severity ratings and CVSS scores and learns from user feedback to achieve a high signal-to-noise ratio.
Flexibility of Symbolic Assets
Representing risk requires business context and that means modeling services that are powered by underlying assets. Symbolic assets is a powerful mechanism to get a business centric view of risk in terms of vulnerability exposure. They provide a logical representation of a collection of assets and services to effectively manage the volume of incoming vulnerabilities. They also reduce the overheads of scanning for vulnerabilities in a large environment.
Zero touch Assessments
Large environment impose a huge cost in terms of resources required for regular vulnerability scans. ThreatWatch helps you reduce these costs by scanning virtual symbolic assets.
Integrations with ecosystems and tools like ServiceNow, JIRA, Splunk, Slack and more, enable customers to realize more ROI from these investments and leverage them for improving the security posture of the enterprise.
HOW IT WORKS
- 1 Decide
- 2 Configure
- 3 Analyze
- 1 Decide
- 2 Configure
- 3 Analyze
- Which technology stack, vendors or nature of vulnerabilities are of your interest ?
- Which teams and individuals in your organization would be interested to learn about security vulnerabilities affecting them?
- How would you prefer sharing your asset information with ThreatWatch?
- Setup alerts for custom notifications and de-centralized vulnerability intelligence.
- Setup “ThreatFilter” to see all that’s relevant for you.
- Setup plugins for asset discovery and workflow tools.
- Executive Leadership: Get a pulse of the changing security posture of services powering your business.
- Analysts : Track lifecycle of vulnerabilities and correlate it with IOC indicators.
- Operations: Prioritize your patching and mitigations with realtime / relevant updates.
- Program Managers: Identify trends and gaps to build robust security programs and projects.
- Ideal for small enterprises
- Individual sign-ups
- Symbolic assets: up to 10, each with up to 10 products
- Medium to large enterprises
- Unlimited user signups
- Shared assets : upto 200 assets / per instance, upto 50 products per asset
- Small, medium or large enterprises
- Cloud hosted and secured
- Sharing with Vendor(s) and Partner(s)
- Integrate with existing solutions (in-house or third party)
- Comes bundled with all three offerings
SaaS : Upto 1000 request per month
On-Premise / Managed Service: Up to 10K requests per month / per user
DevOps / DevSecOps
Developing and deploying production services with DevOps is an integrated function. In addition to keep the build and development environment free from known vulnerabilities there is also reliance on cloud providers for keeping the deployment environment patched at all times. This reliance is limited to base operating system and the application runtime becomes responsibility of the consumer. Behind a single large deployed service there are several different components powering that service which can have multiple teams contribute to it as well as reliance on vendors / outsourced providers or third party libraries.
ThreatWatch provides a flexible approach that allows service compositions to be represented as assets to understand the holistic risk while still being able to attribute risk emanating from individual components in real time.
Patch Management and Notifications
The many flavors of operating systems powering up services, endpoints ( laptops/mobile devices ) as well as hardware devices like networking gear, printers, wayfinders, conferencing and communication devices remains a huge challenge with a constant discovery of new vulnerabilities and their patches. Teams managing internal systems are focussed on the different business functions that they serve and are further fragmented into the type of operating systems.
ThreatWatch providers effective way to communicate this information to relevant teams ( internal or vendor ) in near real time for some cases, maintaining visibility and providing the real key value of being a subject matter expert.
Vulnerability Certification for Development Teams
Regulations related to processing of financial data (PCI) , health information (HIPPA) or when providing services to government bodies (FISMA) all require controls and processes in-place to ensure organizations are carrying out due diligence for securing the operating environment. There are periodic attestations that need to be carried out (eg. quarterly/yearly audits for PCI). With vulnerabilities being published frequently waiting till end of a quarter isn’t ideal. Repeated scans aren’t the solution either.
ThreatWatch provides a continuous monitoring and alerting mechanism for vulnerabilities and patches that makes this entire certification process manageable and effective.
Real Time Threat Intel for Red Team Exercises
Most organizations these days carry out internal assessments along with red team exercises to uncover security issues proactively before bad actors are able to uncover and exploit them. For these exercises to be effective a pre-requisite is having a knowledge base to tap into to capture the entire lifecycle of vulnerabilities from discovery to various updates which might include exploits, newer products being affected, severity and reference updates. This helps the red teams have access to the latest information that bad actors would have.
For Security and Risk Management Leadership
Understand risk for critical services for effective planning and execution of risk mitigation programs.
For Security Pen-Testers / Red Team
Use constantly updating knowledge base of cutting edge vulnerabilities and exploits to understand weaknesses and effective planning of the security testing / red team exercises.
For Security Engineers and Operations Staff
Identify vulnerabilities in dependent third party libraries. Identify patches and mitigations for operating systems, networking gear and critical service infrastructure.
For Threat Analysts
Co-relate vulnerability data with other relevant data sources like malware and IOC (Indicators of Compromise) to provide relevant intelligence to plan for mitigations.
Identify chain of vulnerabilities that might get exploited, work with operational staff to provide subject matter expertise and plan mitigations.
For Security Program Managers
Generate rich reports based on the desired level of granularity and with varied combinations for upward and downward reporting. Understand trends, backlogs for building effective short and long term program objectives. Get relevant data for making prudent investment decisions.
ThreatWatch’s mission is to offer cutting edge, premium solution for pro-active security needs covering your entire software and hardware stack. We believe that with machines leading today’s cyber attacks, there is a need for a “zero” touch approach , coupled with AI, ML models trained specifically for predicting relevance of security threats. Planning mitigations and deciding the priority has a human element that needs relevant and risk driven analysis. With “vulnerability intelligence” and “vulnerability impacts” ThreatWatch combines different variables and helps organizations prevent data breaches.
15490 Willow Dr.
Los Gatos CA 95032