Ivanti has acquired RiskSense, a risk-based vulnerability management and prioritisation specialist, with the aim of driving the next evolution of patch management. The terms of the transaction were not disclosed.
According to a statement, the combination of the two companies will enable organisations to shrink their attack surface, prioritise vulnerabilities to remediate, and reduce their exposure to cyber threats and ransomware attacks by taking a proactive, risk-based approach to patch management.
Together, Ivanti and RiskSense plan to provide security and IT teams with context and adaptive intelligence regarding what their organisation's exposures are to vulnerabilities that are being actively exploited, including whether those vulnerabilities are tied to ransomware, and then enable them to quickly remediate those threats.
Overall solutions from the combined companies are expected to reduce the mean time to detect, discover, remediate, and respond to cyber threats, particularly critical vulnerabilities linked to or associated with ransomware.
This will improve the efficiency and effectiveness of security and IT operations teams in combatting weaponised vulnerabilities used by cyber adversaries, according to the companies.
Ivanti has already integrated the RiskSense Vulnerability Intelligence and Vulnerability Risk Rating, which prioritises and quantifies adversarial risk based on factors such as threat intelligence, in-the-wild exploit trends, and security analyst validation, into Ivanti Neurons for Patch Intelligence.
This feature is currently available to Ivanti Neurons for Patch Intelligence customers who also have RiskSense licenses.
RiskSense CEO Srinivas Mukkamala says, “Over the past two years, cyber attacks such as ransomware have crossed the line from being a nuisance to truly disrupting society. And unpatched vulnerabilities remain one of the common points of infiltration into organisations' ecosystems."
Mukkamala says, "I'm committed to the global fight against ransomware. And I truly believe that the combination of risk-based vulnerability prioritisation and automated patch intelligence can help organisations reduce their exposure and make a major impact in global cyberspace.
"Together, RiskSense and Ivanti will help customers drive operational efficiencies and defend against the next wave of sophisticated cyber threats, including ransomware attacks.
Ivanti chairman and CEO Jim Schaper says, “Ivanti has been a leader in patch management for many years, but the acquisition of RiskSense will take our capabilities to an even higher level.
"This combination will allow us to provide our customers with a holistic view of vulnerabilities and exposures, and then enable them to take fast action through Ivanti Neurons for Patch Intelligence.
"Customers will be able to greatly reduce their attack surface and risk of breach because of the vulnerability intelligence and the resulting remediation prioritisation based on actively trending exploits and ransomware attacks.
Mukkamala continues, “The combination of risk-based vulnerability prioritisation and automated patch intelligence is completely unique to the market. Ivanti and RiskSense are bringing two powerful data sets together.
"RiskSense has the most robust data on vulnerabilities and exploits, including the ability to map them back to ransomware families that are evolving as ransomware-as-a-service, along with nation states associated with APT groups. And Ivanti has the most robust data on patches.
"Together, Ivanti and RiskSense will enable customers to take the right action at the right time and effectively defend against ransomware, which is the biggest security threat today.