Action1 Corporation, a leading provider of risk-based patch management solutions for work-from-anywhere enterprises, has announced its plans to invest $20 million in its solution. The investment aims to address the need for secure and user-friendly cloud solutions to continuously remediate security vulnerabilities on distributed networks’ endpoints. The company intends to allocate funds for research and development (R&D), with a specific focus on implementing a zero-knowledge architecture into its platform.
The significance of addressing unpatched vulnerabilities in cybersecurity cannot be overstated. According to a report from SC Magazine, these vulnerabilities accounted for 82% of cyberattacks in the first half of 2022, making them a major contributor to data breaches. Patching vulnerabilities often gets overlooked due to the complexity of modern IT environments and the lack of automation. Surprisingly, a survey by Action1 revealed that 73% of enterprises do not automate third-party patching, despite having an average of 67 applications per device.
Furthermore, patching remote endpoints takes 2.5 times longer, adding to the challenge of ensuring a secure network. While cloud-based solutions offer a possible remedy, enterprises have become increasingly concerned about security risks following software supply chain attacks such as SolarWinds and Kaseya, which exploited vulnerabilities through a single entry point.
Ken Buckler, Research Director at Enterprise Management Associates, emphasized the urgent need for alternatives to legacy endpoint management tools. He stated, “The unprecedented growth of online threats in parallel to the growth of distributed workforces is forcing organizations to seek alternatives to legacy endpoint management tools, which not only struggle with scalability, but also hinder their ability to maintain flexibility, cybersecurity, and resilience.”
In response to these challenges, Action1’s cloud-native platform empowers enterprises to streamline the deployment of operating system (OS) and third-party updates or implement compensating controls to remediate security vulnerabilities. Unlike many other players in the patch management market that rely on third-party technologies, Action1 employs its own patching engine, ensuring an impressive 99% success rate. To enhance security further, Action1 integrates a zero-knowledge architecture into its platform, eliminating the risk of successful supply chain attacks on both the platform and its customers.
The zero-knowledge architecture utilizes encryption and digital signatures, making transactions within the system provable and verified without revealing any underlying information. This additional layer of defense makes it exceptionally challenging for attackers to establish persistence within the software supply chain in the event of a compromise.
One of Action1’s customers, Matt Lutjen, a system administrator at CARR Auto Group, spoke highly of the platform’s benefits. He stated, “Action1 provides us with complete visibility into the patching status across our endpoints, enabling us to develop policies for OS and third-party updates to automatically remediate security vulnerabilities. When combined with the upcoming zero-knowledge feature, it will bring our resilience level at the cutting edge of industry trends.”
The zero-knowledge architecture, which provides enhanced security measures, is set to be implemented into the platform in the first half of 2024.
Action1 Corporation, founded by cybersecurity veterans Alex Vovk and Mike Walters, is recognized as the top risk-based patch management platform for distributed networks. The platform is trusted by thousands of global enterprises to discover, prioritize, and remediate vulnerabilities in a single solution, thereby preventing security breaches and ransomware attacks. Action1 automates the patching process for third-party software and operating systems, ensuring continuous patch compliance and the remediation of security vulnerabilities.
With its commitment to setting a new standard in patch management, Action1 provides enterprises with powerful and user-friendly solutions for continuous patch compliance, fortified by advanced security measures. These measures ensure the platform and its underlying infrastructure remain highly protected, effectively addressing the evolving needs of modern distributed enterprises in mitigating the threat of supply chain attacks.
For more information about Action1 Corporation and its risk-based patch management platform, visit their website at www.action1.com.