St. Charles, MO, USA
Jan 14, 2022   |  By Rezilion
Manufacturing is one of those industries that seems like a natural fit for vulnerability management, in part because these companies can be such easy targets for cyber criminals. Manufacturers in many cases operate far-flung, global facilities including factories, warehouses, and other distribution points. Increasingly, these different facilities are connected as companies look to modernize their operations through digital transformation.
Jan 14, 2022   |  By Rezilion
Just as the move to DevOps required a cultural shift, incorporating security into a DevSecOps initiative typically requires a delicate dance between developer and security teams. The two groups historically haven’t seen eye to eye and view one another with distrust.
Jan 14, 2022   |  By Rezilion
Assessing the security risks of critical infrastructure organizations is a bit of a challenge, because the category includes multiple industries. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), which leads the nation’s effort to manage and reduce risk to cyber and physical infrastructure, identifies 16 critical infrastructure sectors.
Jan 11, 2022   |  By Rezilion
As the frequency of new product releases rises and the attack surface keeps growing, most companies face a common problem – a growing vulnerability workload. Their vulnerability scanners report countless vulnerabilities, and there are simply not enough resources or time to fix all of them, leaving their networks vulnerable and exploitable.
Jan 10, 2022   |  By Rezilion
Software composition analysis (SCA) tools provide automated visibility throughout the software development life cycle (SDLC) for more efficient risk management, security, and license compliance. As organizations accelerate their digital initiatives, they rely on development teams both internally and externally to build the applications that will help them move forward. But applications are also a popular target for criminals.
Jan 10, 2022   |  By Rezilion
In this second of a five-part series of posts on why strong vulnerability management is so vital for cybersecurity programs, we look at the need for effective vulnerability management in the healthcare sector. Like financial services, healthcare is a highly-regulated industry and it’s also among the most common targets of cybercriminals.
Jan 5, 2022   |  By Yotam Perkal
If you find yourself baffled by the influx of events and newly discovered vulnerabilities affecting the popular Apache Log4j Java logging library, this post is for you. This post aims to survey the entire flow of events since the first discovery of CVE-2021-44228, AKA Log4Shell, to the present date, explain the important aspects of each related vulnerability, as well as provide practical remediation and mitigation advice.
Dec 29, 2021   |  By Rezilion
By now, we’re all likely tired of talking about Log4j and nodding our heads over Zoom when we all discuss the ramifications of exploitation of this small, but very pervasive and powerful vulnerability. At the risk of adding another layer of complexity to the information we have learned about Log4j, I think we are remiss not to mention IT-OT (Information Technology-Operational Technology) convergence and how it could be an enabler for Log4j to impact our critical infrastructure.
Dec 23, 2021   |  By Baksheesh Singh Ghuman
Most enterprises, as well as small organizations globally, are now painfully familiar with the Log4j2 vulnerability (CVE-2021-44228). It has taken over the lives of all cybersecurity professionals and it appears it is here to stay for a while. Most enterprises are scrambling for solutions, applying patches if they can find the vulnerability, and trying to implement mitigation strategies. But unfortunately what security teams are doing to tackle the Log4j beast is not always enough.
Dec 23, 2021   |  By Rezilion
It’s not just about the big name companies who are vulnerable to the Apache Log4j2 vulnerability (CVE-2021-44228). Tech small businesses – which offer customers digital products but which often have tight budgets and understaffed security teams – are an important story when it comes to the implications for Log4j exploits. Research now finds that almost all environments have vulnerable Log4j libraries.
Jan 18, 2022   |  By Rezilion
View a demonstration of Rezilion's integration with GitLab to see how you can reduce patching efforts by 70% so you can code more, release faster, and patch less.
Dec 22, 2021   |  By Rezilion
With hackers waiting to exploit any weaknesses, it's no surprise that application security has become one of the industry’s top priorities. Watch this webinar replay and gain timely ‘how-to’ AppSec knowledge that will help you protect your web applications and improve their overall security—you'll even learn some tricks and tips of your own to outwit hackers.
Dec 22, 2021   |  By Rezilion
Open source code is frequently used in app development and can introduce vulnerabilities into environments, making them easy for cybercriminals to exploit. View the replay of this panel discussion to learn how your organization can reduce security risks.
Dec 22, 2021   |  By Rezilion
Watch this replay for ‘How-To’ Cloud Security knowledge to help teams reduce ongoing operations and administrative costs, increase reliability and availability, and more easily scale as you embrace the benefits of cloud computing.
Dec 10, 2021   |  By Rezilion
Organizations are utilizing cloud at record levels, revealing its power like never before. However, much of this shift was forced, and fast, which increased risk. And attackers are shifting, too. View the replay to watch panelists unpack the power of the cloud and also its peril: current challenges, threats, and pitfalls.
Nov 23, 2021   |  By Rezilion
Container vulnerability management is a challenge every modern security team must address. Snyk’s vast database of open source vulnerabilities gives users industry leading coverage and confidence that any vulnerability that’s present will be identified. But identifying vulnerabilities is only the beginning. Using Snyk and Rezilion Validate means users can identify any vulnerability that’s present, validate if a vulnerability is exploitable in their environment, and automate remediation. This automated process cuts down on manual work, saves up to 70% of time spent patching, and cuts remediation timelines down from days to minutes. Learn more about this groundbreaking combination in this webinar and demo from two product leaders from Snyk and Rezilion.
Nov 17, 2021   |  By Rezilion
Destructive supply-chain attacks like SolarWinds, Kaseya, and Colonial Pipeline have placed a spotlight on how just one piece of vulnerable software can have devastating effects if exploited. In light of these incidents, the White House recently issued a directive that requires software sellers to provide federal procurement agents with a software bill of materials (SBOM) for each software application. An SBOM is a list of every software component that comprises an application and includes every library in the application’s code, as well as services, dependencies, compositions, and extensions.
Sep 30, 2021   |  By Rezilion
Rezilion is an autonomous DevSecOps platform that helps organizations take control of their actual attack surface. Leveraging your existing DevOps stack, Rezilion eliminates the manual work required to protect applications from vulnerabilities and threats.

Rezilion’s autonomous cloud workload protection platform instantly shrinks your attack surface while enabling developers to push code freely.

Rezilion is a stealth-mode cyber-security start-up, created by successful serial entrepreneurs. Rezilion develops cutting-edge technology that makes cloud environments self-protecting and resilient to cyber-attacks.

Security at Cloud Speed and Scale:

  • Dynamic Whitelisting & Application Control: By statically analyzing CI/CD pipeline artifacts (code repositories, VM and container image repositories, etc.), Rezilion determines the correct state for every production instance and assures that each is behaving exactly as programmed.
  • Hardening & Vulnerability Management: Vulnerabilities, known and unknown, are part of the DevOps life. Unfortunately, they can’t be fixed all at once. Rezilion makes living with vulnerabilities manageable by reducing the vulnerable attack surface — as well as the tension between DevOps and Security teams.
  • Exploit Prevention & Memory Protection: Rezilion continuously assesses the integrity of hosts, virtual machines, and containers, providing broad protection against attacks without the overhead and complexity of legacy solutions.
  • Change Control & Access Management: Immutability is a shared goal for developers, IT, and security. However, few production environments are completely immutable. Rezilion helps control and document any manual change that bypasses the CI/CD pipeline.

Effortlessly reduce your attack surface.