Monday Morning Impact – March 20

Rapid7 Vulnerability Intelligence Report Shows Attackers Developing and Deploying Exploits Faster Than Ever

Rapid7, Inc., a Boston-based cybersecurity company, has released its latest Vulnerability Intelligence Report, finding that attackers are developing and deploying exploits faster than ever; 56% of the vulnerabilities in this report were exploited within seven days of public disclosure — a 12% rise over 2021 and an 87% rise over 2020. In 2022, the median time to exploitation was just one day.

The report also notes a 33% decrease between 2021 and 2022 in the number of vulnerabilities that were exploited to carry out ransomware attacks. This decrease may indicate that ransomware operations have become less reliant on new vulnerabilities, but it may also be caused by other factors, including lower reporting of ransomware incidents, according to company analysts.

Analysis of security vulnerability trends shows an 87% increase in first-week exploitation since 2020.

“The ransomware ecosystem and the cybercrime economy have continued to mature and evolve,” said Caitlin Condon, Rapid7 vulnerability research manager and lead author. “We saw many more ransomware families actively compromising organizations in 2022, which naturally creates challenges for threat tracking and reporting.”

Security, IT, and other teams tasked with vulnerability management and risk reduction operate in high-urgency, high-stakes environments where informed decision-making hinges on the ability to quickly separate signal from noise. When a new potential threat emerges, information security professionals often find themselves needing to translate vague descriptions and untested research artifacts into actionable intelligence for their own particular risk models.

Examining 50 of the most notable security vulnerabilities and high impact cyberattacks in 2022, the report highlights exploitation trends, explores attacker use cases, and offers a framework for understanding new security threats as they arise.

Channel Impact^®
Rapid7 produces the annual Vulnerability Intelligence Report to help organizations understand attack trends and proactively address both the unique and shared threats they face.

CrowdStrike and Dell Technologies Forge Alliance for Commercial PC Cybersecurity

CrowdStrike, an Austin, Texas-based cybersecurity company, and Dell Technologies have announced a new strategic alliance for the solution-based sale of CrowdStrike’s Falcon platform and a broad set of Dell offerings, including commercial PCs.

The CrowdStrike platform leverages real-time indicators of attack, threat intelligence, and advanced telemetry from across the enterprise for detection, automated protection and remediation, threat hunting and prioritized observability of vulnerabilities in endpoints, cloud workloads, identity, and data.

“Dell’s selection of CrowdStrike for customers of all sizes illustrates cybersecurity’s criticality in today’s digital world,” said Daniel Bernard, chief business officer at CrowdStrike. “The CrowdStrike and Dell collaboration provides significant market access, expediting consolidation from legacy and point products to cybersecurity’s leading modern platform.”

“Today’s complex threat landscape calls for a collaborative approach that brings together industry-leading technologies and world-class teams to build the strongest defense for our customers,” said Sam Burd, president of the Client Solutions Group at Dell. “Our work with CrowdStrike is the latest example of how we’re helping organizations stay ahead of threats.”

The CrowdStrike Falcon platform is available to purchase today with volume licensing to help medium and large enterprises as well as public sector organizations consolidate spend, platforms and contracts while meeting security and compliance needs. CrowdStrike will also be available across a broad set of Dell offerings, including with the purchase of Dell commercial PCs in the coming months.

Channel Impact^®
The two companies promise industry-leading cybersecurity protection to organizations around the world.

Rubrik Announces Revamped Partner Program

Rubrik, a Palo Alto-based Zero Trust security vendor, has updated its “Transform Partner Program” to better assist channel partners to become trusted data security advisors and improve cyber readiness, resilience, and recovery for their customers.

According to the Rubrik Zero Labs State of Data Security report, only five percent of organizations were able to return to business continuity or normal operations within one hour of discovering a cyberattack. Therefore, the company contends that organizations need a complete cyber resilience strategy in addition to the ability to test recovery readiness plans and investigate data threats.

The program leverages a points-based scoring system and customizable incentive plan to reward and support top-performing partners. Partners are able to accumulate points based on specific activities outlined in the program. They can also accelerate their score by completing qualifying value-add activities. The points are then used to achieve tiers with escalating benefits.

The Authorized Partner level provides eligibility for discounts by uncovering and driving approved net-new end user opportunities registered through the partner portal.

Once a partner accumulates a minimum threshold of points, Elite Partner status provides deeper discounts and sales incentives uncovering and closing net-new business.

Elite Partners with a high volume of bookings in the previous 12 months are eligible for an Elite-Plus level that features customized incentives and business development investments, including marketing development funds and Rubrik dedicated resources linked to establishment of an investment plan with their regional channel development team.

Channel Impact^®
New program is designed to enable partners to help customers defend against cyberattacks while broadening the base for channel program advancement through criteria that extend beyond pure revenue.