Vicarius? What Do You Guys Even Disrupt?

TL;DR - The Next-Gen cyber-security revolution left one important field behind: Vulnerability Assessment. Vicarius is here to make things right

The Security World Is Moving Forward

The first Anti Virus (AV) software that incorporated a signature-based approach to security was introduced back in 1987 by G Data Software.

F-Prot Definition File Update

Deterred, but only for a bit, hackers went on to develop on-the-fly malleable malware types that made signature-based detection obsolete. The good guys went back to the drawing board, and Next-Gen AV’s began to emerge.

27 years later a report titled 'APT 1' by Mandiant showed that both traditional and new AV vendors are shifting to signature-less systems. According to the report, new methods like behavioral detection, artificial intelligence (AI), machine learning (ML), and cloud-based file detonation are integrated into products instead.

Detection of Thanatos by SentinelOne Dashboard

The VA World Is Going Backwards

The cyber-security revolution changed the way we see the world and the technologies used to protect it.
Back when malware was taking its baby steps, customers relied on one method - AV, but nowadays organizations have to design their cyber-security protocols around multiple products.

Two of the essential modules in such arrangements are Vulnerability Assessment (VA) and Vulnerability Management (VM) products.

The basics of VA & VM solutions are simple - third-party software is vulnerable, and security patches will protect it. VA & VM solutions will help you detect and manage unsafe products.

Vendors maintain giant lists of all known applications and versions (CPE) matched with their vulnerabilities (CVE) and the patches one needs to install to stay secure - a tactic very similar to the old AV methods.

Apache Tomcat Vulnerabilites - Taken from http://www.itsecdb.com/

Some products offer a slightly more sophisticated version - they focus on the secure development of products before their release. However, these systems are still based on public lists of vulnerable libraries.

Where Is Our Next-Gen Revolution?

Sweeping revolutions are happening everywhere on the technological spectrum. Data Loss Prevention (DLP) solutions reshaped as Next-Gen DLP introduced the new Content Disarm and Reconstruction (CDR) approach. The traditional Firewall became smarter with Web Application Firewall (WAF) and Runtime Application Self Protection (RASP). Everyone's sprinting forward except VA & VM - lagging behind like that kid with asthma from gym class.

Why?

It all comes down to deployment VA & VM products wanted to be smooth and sexy - easy integration in the blink of an eye, so they avoided running agents. No running agents mean complete and utter oblivion to the activity and the binary changes of the applications you own. Cyber-security isn't a sprint, but a marathon and VA & VM are already exhausted at kilometer 3. Don't even get me started about real-time exploit detection.

So you're probably asking yourself - How can I understand what my software is doing? Where is the ML-based threat hunting? Patch-less client-side software protection? How can I keep my business safe?

The Times They Are a-Changin'

When an un-patched Apache server leads to an early CEO retirement of a Fortune 1000 company, it's probably time for change.



So the CEO head is on the table, and the CISO should move faster than a rolling stone as the times are defintely a-changin. Deployment concerns will be the IT problem, organizations will use the most advanced tool because Not moving forward is not an option.

And That's Exactly What We Do

Introducing Vicarius - Your watchdog against vulnerable applications. All missing parts - agent, agent-less, vulnerability compliance reports, ML-based binary assessment, trends detection, real-time software protection - are all built-in. Oh, and we're just getting started.



Wanna hear more? Ask!