The ULTRA RED Threat Exposure Management Platform is a unified SaaS solution that automates the discovery and cyber management of your organization’s enterprise attack surface. Unlike many EASM solutions, ULTRA RED continually delivers prioritized and verified vulnerabilities that can be actionedwithout the need for further investigation, dramatically improving exposure detection and response rates. Supporting intelligence, POCs and remediation guidance for each vector facilitate a smooth handover to remediation teams.
Most organizations operate in a highly competitive business environment, one where continual technology innovation is a given. When the Internet is involved, however, innovation comes at a cost.
The ULTRA RED platform was designed from the ground up to eliminate noise and deliver on ROI. It supports all phases of Gartner’s CTEM framework and enables cyber teams to dramatically improve their detection and response rates.
The platform includes powerful continuous discovery and asset management capabilities but unlike many EASM solutions, ULTRA RED delivers prioritized and verified vulnerabilities with supporting intelligence and remediation guidance. As a result, vectors can be prioritized and actioned without additional overhead.
ULTRA RED’s prioritization scoring is based on a combination of the CVSS severity and its exploitability. For example, a high-risk CVE may not be considered a vector as there are mitigating controls that prevent it frombeing exploited. A vector with a high CVSS score may have a lower ULTRA RED score if the weakness exists but cannot be exploited due to missing prerequisites. In both cases, continual monitoring will update their status and priority if the situation changes. Asset risks are categorized into logical groupings such as VPNs, development environments, admin & sensitive information. This helps managers and teams understand the potential impact of affected assets to further assist with prioritization. With ULTRA RED, cyber teams can focus on the vectors that present a real-world risk to their organization.
Each identified vector is accompanied by impacts, external references, an actionable remediation list with required steps, and POCs for leveraging the weakness. Armed with this information, cyber teams can affect a smooth handover to remediation teams, thereby lowering mean time to resolution (MTTR).
ULTRA RED’s cyber experts assist customers along the way with advice and guidance; for example, in understanding new or lesser-known vulnerabilities.
© Spyglass All Rights Reserved