Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/4/2020
01:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Vulcan Cyber Launches Remedy Cloud, Providing Free Access to Thousands of Vulnerability Fixes

Providing remediation solutions on demand, Vulcan Remedy Cloud helps security and IT teams collaboratively "get fix done."

Tel Aviv – November 4, 2020 - Vulcan Cyber®, the vulnerability remediation orchestration company, today announced Vulcan Remedy Cloud, a free service built on the world’s largest database of curated remedies for thousands of security vulnerabilities. By sharing the Remedy Cloud library of fixes with the  global vulnerability management community, Vulcan Cyber provides a powerful tool that streamlines the work of remediation by helping security and IT teams more effectively coordinate remediation campaigns. 

In related news, Vulcan Cyber today announced Vulcan remediation analytics, which adds powerful business intelligence capabilities to its remediation orchestration platform.

“Vulnerability management should be a means to an end, but due to process breakdowns there's never an end -- just a growing backlog of vulnerabilities that require remediation,” says Yaniv Bar-Dayan, Vulcan Cyber co-founder and CEO. “We’ve identified a critical breakdown in the process when security teams hand off vulnerability remediation tasks to IT operations teams. Vulcan Remedy Cloud streamlines this workflow by providing both teams with remediation playbooks. This one function is extraordinarily effective at creating cross-team alignment and cooperation. We’re proud to offer Remedy Cloud as a free service to our community to help enterprise organizations get fix done.”

Remedy Cloud is a standalone, free version of the Vulcan remediation intelligence capabilities already offered through the Vulcan remediation orchestration platform. This remediation intelligence is the missing link for any “found-to-fixed” remediation workflow. Vulcan remedies include the right patches, the best configuration scripts, and even workarounds and compensating controls to help security and IT operations teams quickly tackle the most difficult vulnerabilities. Vulcan remediation intelligence adds enterprise-scale remediation solutions designed to facilitate more collaborative and efficient remediation by integrating remedies with vulnerability scan, prioritization, patch and configuration management tools.

Security teams most often identify and prioritize vulnerabilities but the actual work of remediation is done by IT operations, DevOps, and site reliability engineering teams. Remedy Cloud helps these teams identify and align on the best remedies for the job, saving time and effort. This Vulcan Cyber freemium offering is part of a broader initiative to help vulnerability management programs become more effective at driving remediation outcomes. With Remedy Cloud, Vulcan Cyber opens a valuable resource to entire infosec and IT communities to promote a “get fix done” mindset.

Vulcan Cyber is helping to accelerate the industry’s move from passive vulnerability management to active vulnerability remediation and automated cyber hygiene. 

Learn more

Visit https://vulcan.io/remedy-cloud to start using Remedy Cloud for free today. To learn more about the full Vulcan Cyber vulnerability remediation orchestration platform request a demo or a free trial instance. 

About Vulcan Cyber

Vulcan Cyber has developed the industry’s first vulnerability remediation orchestration platform, built to help cybersecurity and IT operations teams to collaborate and “get fix done.” The Vulcan platform orchestrates the remediation lifecycle from found to fix by prioritizing vulnerabilities, curating and delivering the best remedies, and automating processes and fixes through the last mile of remediation. Vulcan transforms vulnerability management from find to fix by making it possible to remediate vulnerabilities at scale. The unique capability of the Vulcan Cyber platform has garnered Vulcan Cyber recognition as a 2019 Gartner Cool Vendor and as a 2020 RSA Conference Innovation Sandbox finalist. For more information please visit https://vulcan.io

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
The Yellow Brick Road to Risk Management
Andrew Lowe, Senior Information Security Consultant, TalaTek,  11/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: He hits the gong anytime he sees someone click on an email link.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14190
PUBLISHED: 2020-11-25
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. The affected versions are before version 4.8.4.
CVE-2020-29074
PUBLISHED: 2020-11-25
scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.
CVE-2020-14191
PUBLISHED: 2020-11-25
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within Atlassian Gadgets. The affected versions are before version 4.8.4.
CVE-2020-29070
PUBLISHED: 2020-11-25
osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters.
CVE-2020-26212
PUBLISHED: 2020-11-25
GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.3, any authenticated user has read-only permissions to the planning of ever...