Secunia, the leading provider of vulnerability intelligence and vulnerability management solutions, today announced a new partnership with the Center for Internet Security, Multi-State Information Sharing and Analysis Center (MS-ISAC) division, the cyber security focal point for US state, local, territorial and tribal (SLTT) governments. The collaboration between Secunia and the MS-ISAC provides (SLTT) governments with solutions for enhancing their vulnerability and patch management efforts, enabling them to further strengthen their defences against the increasingly complex cyber security challenges they face.
With this new agreement, the MS-ISAC members can get discounted access to the Secunia Corporate Software Inspector (CSI), which is an end-to-end solution for vulnerability and patch management, tying patch detection to patch distribution. It provides an overview of all vulnerabilities in the network in one, simple application, and enables remediation through efficient patch deployment of both Microsoft and non-Microsoft patches. The Secunia CSI relies on the markets’ most comprehensive and reliable vulnerability intelligence database to report and rate vulnerabilities, the Secunia Vulnerability Intelligence Database, which is maintained by the Secunia in-house Research team.
"The MS-ISAC is pleased to collaborate with Secunia in providing our members with resources that assist in identifying and mitigating vulnerabilities across their environment," said William F. Pelgrin, President and CEO of the Center for Internet Security and Chair of the MS-ISAC. "The cyber challenges facing our SLTT governments are daunting and the need for cost-effective solutions to help meet those challenges has never been greater. This partnership is an excellent example of the public-private sector collaboration necessary to protect our critical infrastructure assets from cyber security threats. We look forward to similar opportunities to engage with additional top-tier security vendors in helping secure our nation’s SLTT governments through our newest division, the Trusted Cyber Security Purchasing Alliance (alliance.cisecurity.org)."
There is a general increase in the industry's focus on vulnerabilities and the threat they pose to organisations. Gartner noted that "a few vendors have started to provide proactive tools, such as vulnerability detection and application control, that reduce the attack surface."*
The attack surface, however, is expanding year-on-year by a constant increase in vulnerabilities (Secunia Yearly Report 2011). The rise in non-Microsoft vulnerabilities in particular adds complexity to the patch management operations, which in 2011 represented almost 80% of all vulnerabilities (Secunia Yearly Report 2011).
"We are looking forward to commencing the collaboration, and supporting the MS-ISAC members, who with the Secunia CSI will be empowered to deal with the root cause, the vulnerabilities", said Thomas Zeihlund, CEO, Secunia. "The Secunia CSI will have a direct, positive impact on the effectiveness and timeliness of the members’ patch management operations, providing transparency into what is posing a security threat to their organisation so that they can target and prioritise their resources and efforts."
The Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the national not-for-profit Center for Internet Security, is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, territorial and tribal governments. Participants from all 50 states, DC, many local governments (including all state capitals) and several US territories are members. The MS-ISAC 24x7 cyber security operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation, and incident response. The MS-ISAC coordinates closely with the U.S. Department of Homeland Security through its National Cyber Security Division.
Secunia (secunia.com) is the leading provider of IT security solutions that help businesses and private individuals globally manage and control vulnerability threats and risks across their networks and endpoints. This is enabled by Secunia's award-winning Vulnerability Intelligence, Vulnerability Assessment, and Patch Management solutions that ensure optimal and cost-effective protection of critical information assets.
The Secunia CSI is used by organisations worldwide, including fortune 500 and governments. It is based on the world’s most comprehensive and reliable vulnerability database, maintained by Secunia’s in-house research team, and uses a unique, proprietary scanning technology that is non-intrusive.
Secunia plays an important role in the IT security ecosystem, and is a member of leading industry institutions such as FIRST, CVEs editorial board, ISF, and Online Trust Alliance.
*Source: Gartner, Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook, Neil MacDonald, John Girard, January 18, 2012. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.