Home > News > Top Stories > TAC Security Launches the ESOF Vulnerability Prediction Feature

Platform Security

TAC Security Launches the ESOF Vulnerability Prediction Feature

TAC Security
TAC Security, a Silicon Valley-based Cybersecurity company, announced the launch of their ESOF Prediction Feature. The Prediction feature allows the organizations to forecast the quantity of new vulnerabilities in an asset for the coming month. The results will be based on the vulnerability specifics from anyone’s most recent scan results for each Asset type.

The feature anticipates the ESOF cyber scores of various Asset types present in one’s infrastructure and based on the number, the predicted vulnerabilities are generated. The count of predicted vulnerabilities gets further divided based on severity levels for e.g., Critical, High, Medium and Low.

ESOF predicts the number of vulnerabilities in the coming months and generates a cyber score based on that for the coming months. The platform will predict the following -

  • Monthly Prediction of Vulnerabilities.
  • Prediction of ESOF Cyber Score
  • Prediction of Vulnerabilities that can be patched
  • Prediction of Type of Vulnerability(s)

ESOF also allows the count of predicted vulnerabilities to be compared to the number of actual vulnerabilities. The representational graphs will contain both the actual count and predictive count of the vulnerabilities for the coming months.

“The prediction feature allows security teams to foresee threats and prepare for them. If the security team needs training or resources, knowing in advance allows them to invest time and resources to improve their security processes. ESOF plays an essential role in allowing teams to discover, prioritize and remediate before situation demands, rather than mass efforts like other tools,” said, Trishneet Arora, Founder and Chief Executive Officer, TAC Security.

“We are thrilled to take the next step to ensure ESOF becomes Cybersecurity's Future. The Prediction feature is a revolutionary contribution by TAC Security to the ever-evolving Risk and Vulnerability Management market. The ability to foresee threats allows not only the security teams and leaders to be prepared. And gives them the chance to communicate with the whole organization, including the Board Members, so they know what to expect. It allows the organization to be well prepared and plan their resources to strengthen their security processes and reduce the chances of a breach remarkably.”

Chris Fisher – CMO, TAC Security

This announcement closely follows TAC Security’s recent launch of another new product, ESOF Product CyberScore. The product provides ability to generate risk scores for each product installed in the system. In addition to an individual product risk score for the product on a single asset, there is also a group score that will be based upon all the assets that have the product installed. With the overall product score, they can easily identify the most vulnerable products present in all the assets and prioritize the top 10 most vulnerable products present in the organization.

The prediction model is a major stepping stone in TAC Security’s mission of ensuring a cyberscore becomes the next credit score system for organizations to be considered compliant. The ability to forecast upcoming vulnerabilities gives organizations an edge over the adversaries and continues to strengthen the risk posture of their overall IT infrastructure.

About TAC Security
TAC Security, headquartered in San Francisco, is a global leader in Vulnerability Management that protects Fortune 500 companies, leading enterprises, and governments around the world.

TAC Security manages 5+ Million vulnerabilities through its Artificial Intelligence (AI) based Vulnerability Management Platform ESOF (Enterprise Security in One Framework). TAC Security has established strategic partnerships with leading cloud providers and managed service providers and consulting organizations including Tech Mahindra, IBM, KDDI Japan, and distributors including Dataguard Technologies LLC and Ingram Micro.

Spotlight

More featured news

Spotlight

Related News

Enterprise Security

Microsoft harnesses power of AI to boost Windows 11 security, pushes for passwordless future

VentureBeat | September 27, 2023

Microsoft announced a series of new enterprise security features today that use artificial intelligence (AI) to help defend Windows 11 against increasingly sophisticated cyberattacks. The tech giant claims its new AI capabilities will reduce security incidents by 60% and firmware attacks by 300% for businesses using the latest version of its software. Microsoft’s vice president of enterprise and OS security, David Weston, explains in a company blog post that was published today specifically how AI is being used to fortify Windows 11 against sophisticated attacks, ranging from malware to firmware threats, and even nation-state attacks. At the heart of this AI-focused security upgrade is the integration of Microsoft’s Pluton Security Processor and Secured-core PCs. Both systems leverage AI algorithms to isolate sensitive data and provide defense against potential threats. IT professionals should note that these Secured-core PCs are reported to be 60% more resilient to malware than non-Secured-core PCs, a significant improvement in system defenses. Microsoft’s AI strategy also appears to be forward-thinking, with the company starting to adopt memory safe languages like Rust for traditional attack targets. Rust’s memory safety features without garbage collection make it an ideal language for building reliable and efficient systems, further multiplying the cybersecurity benefits. The end of passwords? Microsoft’s groundbreaking move Perhaps most notable among today’s announcements is Microsoft’s push towards a passwordless future, a move that could fundamentally alter the landscape of cybersecurity. Microsoft’s AI will now be used to develop and implement passkeys — unique, unguessable cryptographic credentials securely stored on a user’s device, which have the potential to replace traditional multi-factor authentication. This is a substantial leap forward in phishing protection, making it considerably more difficult for hackers to exploit stolen passwords. Microsoft says that its AI system analyzes more than 65 trillion security signals per day— with more than 4,000 password attacks every second — to identify suspicious login attempts and request additional identity verification when needed in the new system. The company also revealed a new capability called Config Refresh that relies on AI to detect and revert unwanted changes to device policies in near real-time. This allows IT teams to lock down device settings while leveraging intelligence to accommodate legitimate policy updates. Microsoft pioneers a new cybersecurity path with AI The company’s commitment to AI solutions aligns with its longstanding strategy of positioning itself as a leader in enterprise computing. By weaving AI into the fabric of Windows 11, Microsoft is demonstrating its commitment to providing businesses with secure, reliable, and forward-thinking solutions. Business analysts see this as a clear indicator of Microsoft’s strategy to leverage its AI prowess to drive growth and cement its position in the enterprise data and AI market. Given the increasing importance of cybersecurity in the modern business landscape, Microsoft’s investment in AI could pay significant dividends. However, the real test of these new AI-powered features will be their effectiveness against real-world threats. As cyber threats continue to evolve, so too must our defenses. If Microsoft’s AI enhancements can live up to their promise, they will represent a significant advance in cybersecurity and a potent tool in the fight against cybercrime. As AI continues to transform enterprise data and security, it’s clear that companies like Microsoft are leading the charge. By harnessing the power of AI, Microsoft is not just shaping its future but also the future of cybersecurity as a whole. Only time will tell how these developments play out, but one thing is certain: the era of AI-driven cybersecurity is here, and Microsoft is at its helm.

Read More

Enterprise Security

Honeywell Uses Quantum Computing Encryption to Protect Utility Data

Honeywell | September 11, 2023

Honeywell has announced that it's the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, protecting end-user data from advanced cybersecurity threats. Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness. Honeywell's new Smart Energy and Thermal Solution products powered with Quantum Origin are now available to North American and European customers. Honeywell recently made a groundbreaking announcement that it is the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, a move that provides advanced protection for end-user data against cyber threats. To achieve this, Honeywell will leverage Quantinuum's Quantum Origin technology to not only enhance data security but also contribute to building greater reliability and trust in the evolving utility sector. The enhanced security utility meters establish a new standard for safeguarding against data breaches and ensuring the uninterrupted operation of water, gas, and electricity utility infrastructure for both commercial and residential applications. Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness, thereby rendering them truly unpredictable and substantially enhancing the data security of utilities' end users. No other organizations in the smart meter market presently offer quantum-hardened encryption protection. The incorporation of this technology into Honeywell's Smart Energy and Thermal Solutions' products will assist in addressing the industry's expanding data security requirements, especially as they pertain to critical infrastructure. President of Smart Energy and Thermal Solutions at Honeywell, Hamed Heyhat, said, By integrating Quantinuum's quantum-computing-hardened encryption technology into our smart meters, we are advancing data security for our customers and helping to shape the dialogue on how the utility industries should approach cybersecurity in the quantum era. [Source – Cision PR Newswire] Hamed Heyhat emphasized the significance of continuous innovation in enabling customers to stay ahead of the ever-changing threat landscape. It was noted that such a level of protection is crucial in our progressively digital and interconnected world. Tony Uttley, President and COO of Quantinuum, mentioned, Our work with Honeywell demonstrates the importance of using the power of today's quantum computers to create a more resilient cyber infrastructure to better protect customers. [Source – Cision PR Newswire] Smart Energy and Thermal Solution products from Honeywell with Quantum Origin are now available to North American and European customers. The collaboration will strengthen Honeywell's position as an industry-leading provider of innovative and secure solutions for the utilities industry.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Enterprise Security

Microsoft harnesses power of AI to boost Windows 11 security, pushes for passwordless future

VentureBeat | September 27, 2023

Microsoft announced a series of new enterprise security features today that use artificial intelligence (AI) to help defend Windows 11 against increasingly sophisticated cyberattacks. The tech giant claims its new AI capabilities will reduce security incidents by 60% and firmware attacks by 300% for businesses using the latest version of its software. Microsoft’s vice president of enterprise and OS security, David Weston, explains in a company blog post that was published today specifically how AI is being used to fortify Windows 11 against sophisticated attacks, ranging from malware to firmware threats, and even nation-state attacks. At the heart of this AI-focused security upgrade is the integration of Microsoft’s Pluton Security Processor and Secured-core PCs. Both systems leverage AI algorithms to isolate sensitive data and provide defense against potential threats. IT professionals should note that these Secured-core PCs are reported to be 60% more resilient to malware than non-Secured-core PCs, a significant improvement in system defenses. Microsoft’s AI strategy also appears to be forward-thinking, with the company starting to adopt memory safe languages like Rust for traditional attack targets. Rust’s memory safety features without garbage collection make it an ideal language for building reliable and efficient systems, further multiplying the cybersecurity benefits. The end of passwords? Microsoft’s groundbreaking move Perhaps most notable among today’s announcements is Microsoft’s push towards a passwordless future, a move that could fundamentally alter the landscape of cybersecurity. Microsoft’s AI will now be used to develop and implement passkeys — unique, unguessable cryptographic credentials securely stored on a user’s device, which have the potential to replace traditional multi-factor authentication. This is a substantial leap forward in phishing protection, making it considerably more difficult for hackers to exploit stolen passwords. Microsoft says that its AI system analyzes more than 65 trillion security signals per day— with more than 4,000 password attacks every second — to identify suspicious login attempts and request additional identity verification when needed in the new system. The company also revealed a new capability called Config Refresh that relies on AI to detect and revert unwanted changes to device policies in near real-time. This allows IT teams to lock down device settings while leveraging intelligence to accommodate legitimate policy updates. Microsoft pioneers a new cybersecurity path with AI The company’s commitment to AI solutions aligns with its longstanding strategy of positioning itself as a leader in enterprise computing. By weaving AI into the fabric of Windows 11, Microsoft is demonstrating its commitment to providing businesses with secure, reliable, and forward-thinking solutions. Business analysts see this as a clear indicator of Microsoft’s strategy to leverage its AI prowess to drive growth and cement its position in the enterprise data and AI market. Given the increasing importance of cybersecurity in the modern business landscape, Microsoft’s investment in AI could pay significant dividends. However, the real test of these new AI-powered features will be their effectiveness against real-world threats. As cyber threats continue to evolve, so too must our defenses. If Microsoft’s AI enhancements can live up to their promise, they will represent a significant advance in cybersecurity and a potent tool in the fight against cybercrime. As AI continues to transform enterprise data and security, it’s clear that companies like Microsoft are leading the charge. By harnessing the power of AI, Microsoft is not just shaping its future but also the future of cybersecurity as a whole. Only time will tell how these developments play out, but one thing is certain: the era of AI-driven cybersecurity is here, and Microsoft is at its helm.

Read More

Enterprise Security

Honeywell Uses Quantum Computing Encryption to Protect Utility Data

Honeywell | September 11, 2023

Honeywell has announced that it's the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, protecting end-user data from advanced cybersecurity threats. Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness. Honeywell's new Smart Energy and Thermal Solution products powered with Quantum Origin are now available to North American and European customers. Honeywell recently made a groundbreaking announcement that it is the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, a move that provides advanced protection for end-user data against cyber threats. To achieve this, Honeywell will leverage Quantinuum's Quantum Origin technology to not only enhance data security but also contribute to building greater reliability and trust in the evolving utility sector. The enhanced security utility meters establish a new standard for safeguarding against data breaches and ensuring the uninterrupted operation of water, gas, and electricity utility infrastructure for both commercial and residential applications. Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness, thereby rendering them truly unpredictable and substantially enhancing the data security of utilities' end users. No other organizations in the smart meter market presently offer quantum-hardened encryption protection. The incorporation of this technology into Honeywell's Smart Energy and Thermal Solutions' products will assist in addressing the industry's expanding data security requirements, especially as they pertain to critical infrastructure. President of Smart Energy and Thermal Solutions at Honeywell, Hamed Heyhat, said, By integrating Quantinuum's quantum-computing-hardened encryption technology into our smart meters, we are advancing data security for our customers and helping to shape the dialogue on how the utility industries should approach cybersecurity in the quantum era. [Source – Cision PR Newswire] Hamed Heyhat emphasized the significance of continuous innovation in enabling customers to stay ahead of the ever-changing threat landscape. It was noted that such a level of protection is crucial in our progressively digital and interconnected world. Tony Uttley, President and COO of Quantinuum, mentioned, Our work with Honeywell demonstrates the importance of using the power of today's quantum computers to create a more resilient cyber infrastructure to better protect customers. [Source – Cision PR Newswire] Smart Energy and Thermal Solution products from Honeywell with Quantum Origin are now available to North American and European customers. The collaboration will strengthen Honeywell's position as an industry-leading provider of innovative and secure solutions for the utilities industry.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

More featured news