Upcoming features will add new vulnerability management capabilities to the Action1 patching engine for risk-based patch prioritization.

Cloud-native patch-management application provider Action1 is set to add vulnerability discovery and prioritization capabilities to its namesake flagship platform to help businesses stay ahead of software exploits. The plan is part of a company strategy to expand beyond its traditional patch management features and add capabilities aimed at enhancing an organization’s resilience to cybersecurity threats.

“The new features will enable customers to see beyond what is patchable into what is actually vulnerable,” said Mike Walters, vice president of vulnerability and threat research and co-founder of Action1. “With this new combined product offering, enterprises will be able to make better prioritization decisions.”

The new features are targeted at companies that have a work-from-anywhere staff strategy.

“Every organization needs a way to update their employees’ devices as one of the most effective — yet so simple preventive security measures available,” said Story Tweedie-Yates, head of product marketing at KSOC, a Kubernetes security company. “Time and again, security reports show that a large risk to the organization is unpatched software and the vulnerabilities that accompany it.”

Vulnerability discovery and prioritization capabilities will be available in the third and fourth quarter, respectively, with customers’ existing subscriptions and no extra charges.

Consolidating vulnerability and patch management

Action1 currently identifies only unpatched systems and lacks the ability to detect all common vulnerabilities and exposures (CVEs) in an organization’s environment, including those without available patches.

“Currently, we only offer the remediation piece, without a link to the original vulnerability.
Vulnerability discovery is the missing piece that will connect vulnerabilities on endpoints to available patches. With this new technology, the Action1 platform will be able to link the two together, so instead of just offering patches, it will tell you what systems are vulnerable with specific CVE IDs,” Walters said.

The company will use the National Vulnerability Database (NVD), CISA’s Known Exploited Vulnerabilities (KEV) catalog, and the CIS Benchmarks list for its vulnerability discovery capability.

Under its new strategy, Action1 is looking to combine the existing remediation offering with discovery and risk-based analysis of vulnerabilities in order to give companies contextual information that will help them consolidate and streamline resource allocation and prioritization.

“Users will see every vulnerability on their system, including both patchable and non-patchable vulnerabilities, along with attributes such as score, exploitability, attack vector, and other available attributes. This will ultimately enable security teams to make informed prioritization in patching or to find a compensating control instead of patching,” Walters added.

Context is key in prioritizing patches

Industry experts agree that various factors are usually considered when assessing vulnerabilities and the risks associated with them. Erik Nost, an analyst with Forrester, thinks a contextual, risk-based approach combined with weighted counter controls helps better handle vulnerabilities within a given timeframe.

“Forrester recommends organizations consider business context, threat likelihood, and strength and effectiveness of compensating controls when assessing vulnerability risks,” Nost said.

Yates agrees that managing risk absolutely requires the ability to prioritize security efforts, including patching, based on business context.
“In general, security practitioners are moving their true north from compliance to managing risk, and Action1’s addition of vulnerability discovery, based on the differing business value of the asset, falls in line with this need,” she added.

KSOC’s Yates noted that Action1’s platform is currently available only for Windows OS devices. The company, however, says that it is working to expand coverage to Linux and macOS systems.

An Action1 customer since 2021, Chris Weis, senior systems engineer at Razzoo’s Cajun Café, initially became a user because the restaurant was “struggling with visibility and control of business endpoints (Data center, remote locations, and workstations) and keeping everything fully patched on a regular basis.”

“Action1 has a powerful patching system that allows us to address security with consistent patching to all our systems from an easy-to-use friendly interface. The other functions of Action1 including remote support, reporting, and software deployment have made Action1 one of our most essential tools we use to keep our IT infrastructure running effectively,” he added.

Although the new features have not been tested, Weis was upbeat about Action1’s upcoming vulnerability detection and remediation features.

“Indicators such as scoring, exploitability, and attack vectors will help identify possible vulnerabilities that are outside of what patching alone can resolve and allow