Common vulnerabilities and exposures (CVEs) are crucial to network-based cyber security defense. These CVEs are how security intelligence researchers document and announce major vulnerabilities, working together with other research teams around the world to create a safer internet. We’re proud to announce that the Zero Day Initiative (ZDI), which provides security intelligence and threat analytics that help keep TXOne’s solutions up-to-date, was #1 for finding and documenting ICS CVEs in 2020. ZDI was responsible for a full 14% of the vulnerabilities that were submitted for the year.
TXOne’s own Edge Series of network cyber defenses is informed by ZDI, allowing us to repel undisclosed and zero-day threats. While newly-discovered vulnerabilities are always reported to the vendor, vendors often need time to produce a solution – the mean time to patch (MTTP) is, on average, longer than a month, which is longer than most operations can wait to be secured. Our security intelligence researchers are usually able to create fixes within a week. These fixes are then applied via our Edge series to create a reinforced shield around vulnerable assets. This network-based technology is called ‘Virtual Patch’, and it’s particularly well-suited to protecting legacy systems or systems that can’t be modified for regulatory reasons.
In this fast-changing modern threat landscape, an ounce of prevention is worth a pound of cure. By leveraging adaptive virtual patch technology our researchers and engineers can guarantee that work sites always have access to the most up-to-date security intelligence. Our Edge Series includes our next-generation firewall EdgeFire, our EdgeIPS Pro for large-scale operations seeking to ensure the continued rightful operation of many assets, and the more lightweight EdgeIPS for zone-based security.