Aricent Deploys HAVOC to Manage Cybersecurity

Aricent Launches Intelligent Security Automation System

Companies can catch product and infrastructure vulnerabilities faster and earlier in the DevOps cycle

Aricent, a leading global design and engineering company, announced the launch of its Highly Automated Vulnerability Assessment Orchestration Containers (HAVOC) framework that manages cyber risk by catching significant security vulnerabilities before they are exploited.

Companies are under pressure to launch products and services faster without exposing themselves to cyber risk. However, shorter time to market lifecycles and latent vulnerabilities raises the likelihood of more successful denial of service attacks and data breaches. Aricent’s HAVOC solution addresses the need to understand the nature of vulnerability risk through a combination of precision coverage, superior probability and statistics, and speed of decision making.

According to researchers, the costs of ransomware in 2015 was $325m and rose to $5bn in 2017. In the next five years, the cost could reach $8 trillion. Conventional security management of products is based upon monolithic risk models with infrequent pre-release tests and random post-deployment assessments. These methods are unable to keep up with the advancing threat levels to product security and are not evolved to accommodate the speed and rigor of Agile or DevOps processes.

While latent software defects will always exist, the challenge is remediating vulnerabilities that can be readily exploited. Through a high-performance graph database, the tool reduces the time to prioritize and correlate thousands of findings that can span software source code, run-times, protocols stack, application interfaces and cloud-native implementations. HAVOC increases speed, verification and frequency of build, test and deployments lifecycles. This results in safer, more secure applications and safeguards businesses from legal, business and economic problems.

“The idea is to create as much deliberate “havoc” on a network or product so when they get hacked, and they will, the hurdle for compromise is extremely high or hopefully non-existent. For example, we worked with a large cloud provider to shift security testing of OpenStack services much earlier in the lifecycle. We orchestrated best of breed vulnerability scanners from static code analysis, penetrating testing and quality assurance, to generate detained findings to fix what matters most.” said Walid Negm, Chief Technology Officer at Aricent.

Source: Aricent media announcement

Latest Updates

Subscribe to our YouTube Channel