Contact Us
Menu
Contact Us
banner-hero

NetRise News & Blog

by NetRise, on Aug 8, 2022 12:00:00 AM

AUSTIN, Texas, August 8, 2022 -- NetRise, the company providing visibility into the world's XIoT security problem, announced today the release of the NetRise Platform, which is the industry’s first solution providing insights into shared vulnerabilities across XIoT firmware images in an organization. NetRise is a cloud-based SaaS platform that analyzes and continuously monitors the firmware of XIoT devices. The firmware images are then dissected, presenting all of the key data, artifacts, and risk in …

Read Story

by NetRise, on Aug 1, 2022 10:45:38 AM

AUSTIN, Texas, Aug. 1, 2022 /PRNewswire/ -- NetRise, the company solving the world's XIoT (Extended Internet of Things) security problem, announced today the addition of Stuart McClure, Former CEO of Cylance, to the company's Board of Directors. "NetRise is one of the most innovative and promising early-stage cybersecurity companies I have had the pleasure of advising. Joining the Board of Directors gives me the opportunity to help set the strategic direction of the company along with its day to …

Read Story

by NetRise, on Jul 27, 2022 11:48:31 AM

AUSTIN, July 26, 2022 /PRNewswire/ -- NetRise, the company providing visibility into the world's XIoT security problem, and Fortress Information Security, the nation's leading cybersecurity provider for critical infrastructure organizations with digitized assets, announced today a strategic partnership. This partnership gives Fortress Information Security's global customers access to the most advanced firmware binary analysis platform on the planet. The NetRise team's experience in data science, machine learning, and software reverse engineering dramatically expands Fortress customers' ability to identify and …

Read Story

by NetRise, on Jun 28, 2022 10:01:09 AM

In a recent post we identified the problem of “zero-awareness” – businesses often don’t know what xIoT devices are attached to their network and what risks and vulnerabilities those devices have. Why this problem exists is a conundrum, both easy to explain and impossible to explain. The easy explanation is that xIoT devices typically run firmware and our traditional security tools deal with software, not firmware. The conundrum is that firmware is software, so why …

Read Story

by NetRise, on May 31, 2022 9:51:33 AM

Risk management is a big part of running a business these days, especially in IT circles. Not only are threat actors always evolving and enhancing their attacks, but also the attack surface of organizations is constantly growing. The advent of IoT introduced literally millions if not billions of new devices for hackers to potentially exploit. Have you considered who really owns the risk associated with xIoT devices? Imagine it’s 2014 and your router was compromised …

Read Story

by Tom Alrich, on May 12, 2022 8:46:39 PM

I recently wrote two posts (the second one is here) about a chilling revelation that Tom Pace of NetRise made at an informal meeting I recently attended. NetRise specializes in firmware security, and Tom has  noted that a huge percentage of software and firmware products aren’t registered at all in the National Vulnerability Database (NVD), meaning there’s no CPE name registered for the product. This means there has never been a single vulnerability reported for the product. Thus, if …

Read Story

by Tom Alrich, on May 9, 2022 1:37:51 PM

A recent post described a presentation I saw last Friday by Tom Pace of NetRise, describing what seems to be a huge security problem. To summarize it: Do you think products with a lot of open vulnerabilities - as indicated by CVE’s listed for the product in the National Vulnerability Database (NVD) - are dangerous and should be avoided? If so, you’re right. By the same token, do you think a product with no open vulnerabilities – …

Read Story

by Thomas Pace, on May 4, 2022 2:27:06 PM

Join ASMGi and NetRise as we discuss the cyber security challenges of Enterprise IoT (XIoT) technology. XIoT is pervasive across critical and non-critical sectors, driving more connectivity than ever before between the cyber and physical worlds spanning industrial, healthcare, and enterprise environments. But deploying IoT and IIoT devices in traditional OT environments can create gaps in cyber security and cyber criminals are taking advantage of the weak security engineered into many XIoT devices to target …

Read Story

by Tom Alrich, on May 2, 2022 12:37:59 PM

I’ll be honest: It’s been quite a while since I seriously worried about anything in cybersecurity other than software vulnerabilities. Almost every serious cyberattack you can name in the last say five years, including Not Petya, SolarWinds, Kaseya, and literally every ransomware attack, was either based on or enabled by at least one software vulnerability. Of course, when the average cybersecurity person thinks about software vulnerabilities, they probably think of badly-trained (or simply incompetent) software coders …

Read Story

by Steve Struthers, on Apr 5, 2022 1:38:34 PM

In the world of xIoT security, we have learned some unfortunate and difficult lessons over the past decade. Events like Mirai, Shellshock, Heartbleed and Log4J have left so many of us with the question … “What’s next? And will it affect me?” Just as importantly, “will it be more or less destructive than what has come before?” The reality we are facing now is that 2021 was a year of significant growth of incidents within …

Read Story

Subscribe to Newsletter