FIRST would like to gratefully acknowledge the following organizations and individuals for their support!
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
Nucleus is a Risk-Based Vulnerability Management (RBVM) solution that automates vulnerability management processes and workflows, enabling organizations to mitigate vulnerabilities 10 times faster, using a fraction of the resources that it takes to perform these tasks today.
At Amazon, security is job zero. The Amazon Security organization is central to maintaining customer trust and delivering delightful customer experiences. Our mission is to maintain a high bar for security across all of Amazon’s products and services. Our teams lead in protecting company and customer data by continuously assessing our systems, identifying and evaluating risks, and driving mitigations.
Backslash offers a comprehensive suite of advanced software security solutions, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), and more, designed to prioritize and uncover reachable vulnerabilities in application code. With a focus on identifying vulnerabilities that present real attack paths to your code, Backslash simplifies the complex process of securing software. This targeted approach ensures that development teams can focus their efforts on fixing vulnerabilities in code and open-source software that are actively in use and accessible. By leveraging Backslash's superior security tools, organizations can efficiently allocate their resources towards mitigating the most critical risks, ensuring a robust defense against potential cyber threats.
Brinqa centralizes security tool findings to provide a unified view of cyber risk across all security programs. By correlating vulnerabilities, business context and threat intelligence, Brinqa creates a Cyber Risk Graph, a live model of all assets, vulnerabilities, and their relationships. Brinqa puts this intelligence to work for security teams by precisely prioritizing the risks that matter, orchestrating the remediation process, and motivating business owners to act.
The Censys Platform is the leading internet intelligence platform for threat hunting and exposure management. Censys empowers governments, enterprises, and researchers with the most comprehensive, accurate, and up-to-date map of the internet to defend attack surfaces and hunt for threats.
The Deepfactor application security platform combines software composition analysis, container scans, container runtime security and SBOM into a powerful integrated platform. With the platform’s unique runtime software composition analysis, customers can now correlate static scans with runtime analysis, and prioritize vulnerabilities based on true usage. Deepfactor was honored to be named a winner of the 2023 SINET16 Innovator Award. For more information, visit www.Deepfactor.io and follow on LinkedIn and Twitter.
Edgescan is the first integrated cybersecurity platform that unifies five robust security solutions into one combative platform. Solutions include: External Attack Surface Management (EASM), Risk-based Vulnerability Management (RBVM), Application Security Testing (AST), API Security Testing and Penetration Testing as a Service (PTaaS). The platform reduces the complexity and overhead associated with tool proliferation, guarantees accuracy and near-zero false positives, speeds up remediation, cuts operational costs, while reducing risk associated with digital transformation and cloud deployments.
Open-source platform for IT and security teams with thousands of computers. Designed for APIs, GitOps, webhooks, YAML, and humans.
FOSSA is a leading SBOM and software supply chain risk management platform. It helps enterprises generate, ingest, analyze, and operationalize SBOMs in multiple formats, supporting a range of regulatory compliance and software transparency initiatives. It also offers comprehensive SCA (software composition analysis) capabilities, including automated open source license compliance management and vulnerability prioritization solutions. FOSSA was founded in 2015 and has grown to serve thousands of leading organizations across the globe. In all, it's been downloaded nearly two million times and has run nearly 100 million open source software scans.
Intigriti is a rapidly growing cybersecurity company that specializes in crowdsourced security services to help organizations protect themselves from cybercrime. Our industry-leading bug bounty platform connects our customers with 90,000+ ethical hackers worldwide, ensuring proactive cybersecurity protection in a pay-for-impact model, meaning you only pay for valid vulnerability submissions. For more information, follow us on LinkedIn.
JupiterOne provides a comprehensive CAASM solution, simplifying asset visibility and management. With 200+ integrations, track devices, users, servers, apps, etc. Prioritize issues, assess breach impact, and automate workflows for faster response and reduced remediation time. View assets, context, and risks in one place, visualize connections, receive alerts, automate compliance, and audit evidence collection. Collect, normalize, map asset relationships, query with natural language, and report insights instantly.
Manifest is a leader in SBOM management used by product security and PSIRT teams around the world to manage software and open-source dependencies, identify vulnerabilities and risks in code, and facilitate vulnerability response workflows. Delivering automated SBOM generation, solicitation from third parties, aggregation, vulnerability analysis, alerting, and secure sharing, Manifest addresses and automates every step of the SBOM lifecycle. Manifest is also a pioneer in the world of AI Bills of Materials (AIBOM) and is a thought leader in the AI supply chain space.
Opus Security empowers security and engineering teams to orchestrate effective, collaborative, results-driven remediation. Operating as a SaaS remediation platform, Opus enables customers to aggregate, de-duplicate, and prioritize vulnerabilities across application security tools, cloud-native applications, and infrastructure. Opus Security’s cloud-native remediation platform easily integrates with existing toolsets and consolidates security issues across tools and environments, automatically streamlining critical remediation processes. Opus manages the entire remediation process from end-to-end, reducing remediation time from weeks to days.
Reveald guides organizations along their journey from reactive to proactive defense. Their AI-driven Epiphany Intelligence Platform™ empowers security teams to break free from existing reactive processes by leveraging Continuous Threat Exposure Management (CTEM), supported by the expertise to guide them on every step of the journey. Known for its innovative and proactive approach to cyber threats, the company is powered by a client-first approach, prioritizing risk mitigation and operational efficiency. To learn more, visit their website.
Seemplicity accelerates vulnerability remediation with its Remediation Operations platform. The platform helps you unify, manage and automate vulnerability remediation workflows across code, cloud and infrastructure. It delivers accelerated risk reduction, enhanced visibility and accountability, and streamlined remediation processes.
Silk Security is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk. Silk’s holistic approach enables operations and security stakeholders to collaboratively align finding risk with fixing risk.
Vulcan Cyber goes beyond siloed vulnerability risk management to provide enterprise teams with one exposure management platform to consolidate, prioritize, and mitigate cyber risk across all attack surfaces at scale. Vulcan Cyber was recently named the VRM "Leader" by Forrester and Omdia. Try Vulcan Free, the free vulnerability prioritization tool, today.
VulnCheck is the vulnerability intelligence company helping enterprises, government organizations, and cybersecurity vendors solve the vulnerability prioritization challenge. Trusted by some of the world's largest organizations responsible for protecting hundreds of millions of systems and people, VulnCheck helps organizations outpace adversaries by providing the most comprehensive, real-time vulnerability intelligence that is autonomously correlated with unique, proprietary exploit and threat intelligence. Follow the company on LinkedIn, Mastodon, or Twitter.
The Open Source Security Foundation (OpenSSF) is a cross-industry initiative by the Linux Foundation that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The OpenSSF seeks to make it easier to sustainably secure the development, maintenance, and consumption of the open source software (OSS) we all depend on. This includes fostering collaboration, establishing best practices, and developing innovative solutions.
Red Hat is the world's leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.