So lately people have been asking me: what is this thing you are working on at Vicarius and why are you folks standing out from all the other cyber security vendors out there?
My two cents for that are:
1. Grouping all the cyber security products under one umbrella is completely wrong. Our industry is probably the most sub-segmented market around.
2. Vicarius is disrupting a traditional and compliance-driven segment. Our product is superior in so many ways that the compliance features we've added are just an excuse for our customers to spend the same budget on something which provides them much more.
Vicarius develops a vulnerability assessment and protection solution
Vulnerability assessment products alert organizations about well-known vulnerabilities that were fixed or yet-to-be-fixed by their vendors.
Next-generation solutions in this field tried to tackle this issue before the software is released by detecting in an uncompiled source code. Application security products haven't accomplished adequate protection. The most reliable confirmation for that is the vastly growing amount of vulnerabilities which are being reported by customers and bug-bounty programs.
You can read about how easy it is to exploit yet-to-be-fixed security vulnerabilities in Vicarius VP Research, Roi Cohen, blog post.
Vicarius offers mitigation in a world of uncertainty
As we can see today, the lack of mitigation solutions in that field has caused a growth of funding in next generation bug-bounty solutions. The logic behind is that if we can't solve the issues before the code is being released let's at least try to reduce the threat window period, post-vulnerability discovery and before the patch is released.
We are offering a mind shift. We do a real-time mitigation on the customer (and not the vendor) side. Our solution doesn't involve continuous patching, source code manipulations or any vendor-customer relationship.
Stay tuned to hear about how we do that!