RiskIQ Named a Strong Performer in Vulnerability Risk Management by Leading Independent Research Firm
October 23, 2019
Recognized as “a strong tool to have in your vulnerability management toolbox”
SAN FRANCISCO – October 23, 2019 – RiskIQ today announced it was among the thirteen select companies that Forrester invited to participate in The Forrester Wave™: Vulnerability Risk Management, Q4 2019, an evaluation for educating security and risk professionals. In this evaluation, RiskIQ was cited as a Strong Performer based on its scores in the Strategy, Current Offering, and Market Presence categories.
Participants were judged on fourteen criteria, including digital footprinting, asset criticality, risk-based prioritization, and product vision, to determine category positioning. RiskIQ earned the highest possible scores in the Digital Footprinting, Execution Roadmap, and Partner Ecosystem criteria, with Forrester determining that RiskIQ is “a great fit for large enterprises that need help identifying unknown and vulnerable assets.”
One of the new capabilities evaluated in the Q4 2019 iteration of The Forrester Wave™: Vulnerability Risk Management was how well the participants help organizations with digital footprinting to understand what internet-exposed assets they may not be aware of—a traditional weakness of security scanners. Here, RiskIQ’s offering received the highest possible score in the Digital Footprinting criteria.
“RiskIQ uses a sophisticated sensor network in combination with virtual web crawlers to identify assets and vulnerabilities on publicly addressable systems,” according to Forrester’s research. “It also fingerprints any services it finds and allows you to query this data to quickly identify vulnerabilities in your extended infrastructure.”
Assisting customers in mapping their external attack surface for over a decade, RiskIQ uses a network of sensors and virtual users that find web and mobile applications an organization owns so their vulnerability and pen-testing teams can evaluate them. With the internet telemetry data it's collected, RiskIQ also helps these teams layer external intelligence to assets they already know about. In RiskIQ’s view, it is because of these capabilities that it was described by Forrester as “a strong tool to have in your vulnerability management toolbox.”
RiskIQ believes that the rash of security breaches caused by a vulnerability in an internet-connected asset makes the need for organizations to manage their full attack surface, from inside the network to all that lies beyond the firewall, a pressing priority. Today's internet-scale threats can overwhelm the defenses of businesses that lack visibility into their exposed digital assets, which makes vulnerability risk management (VRM) a crucial element of attack surface management.
“With breaches of businesses in the headlines seemingly every week, having visibility into your internet-facing assets is no longer just nice to have; it's required,” said Lou Manousos, RiskIQ CEO. “RiskIQ is committed to building tools that help our customers continuously discover their digital attack surface and evaluate risk to keep their business and customers safe.”
In addition to being named a Strong Performer in VRM, the report noticed that “reference customers state that RiskIQ has been invaluable in helping them discover infrastructure they didn't know existed,” which is where traditional security scanners fall short. Without the capability of revealing their internet attack surface, organizations cannot manage their vulnerabilities and are left exposed.
Read more by downloading your copy of the Forrester Wave™: Vulnerability Risk Management, Q4 2019 here.
RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75%of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, security teams and CISO’s, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.
© 2019 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.
Front Lines Media