When it comes to IT security, most IT organizations are hopelessly outgunned and undermanned. Modern digital criminals have access to far more sophisticated tools than IT organizations have to defend against them, and the proceeds from their previous attacks give them funds they use to develop even more sophisticated approaches to compromising IT security.
To help level the playing field, Verodin today unveiled Verodin Platform, which automates penetration testing to allow organizations to better determine their security posture. Verodin CEO Christopher Key says the goal is to make it easier for IT organizations to discover what types of attacks they are vulnerable to in order to prioritize the patches and updates they need to make. Verodin Platform captures data concerning both how well a given set of IT products responded to an attack and how successful any attack was.
Instead of throwing more money at IT security, Key says, IT organizations need to concentrate on getting more value out of what they are currently spending. For the most part, the average IT organization doesn’t know what it needs to defend against because the types of attacks being launched are constantly changing.
The Verodin Platform, says Key, is an open content platform that can be updated by either Verodin or by the IT organization using tools provided by Verodin as information about new types of attacks becomes available. Data captured by Verodin Platform can also be easily shared with other security tools via a REST application programming interface, says Key.
Verodin Platform doesn’t prevent attacks. But armed with more intelligence about how attacks exploit vulnerabilities should sharply reduce the number of false and real security alarms that an IT organization needs to respond to on a daily basis. That alone might pay for itself in terms of giving the IT organization back time that could easily be applied to tasks that provide real value to the business.