Skip to main content

RiskSense Cloud Service Protects Against Cyber Threats and Vulnerabilities Ahead of Midterm Elections

RiskSense®, Inc., pioneering risk-based vulnerability prioritization and management, today announced its AI-Assisted Pen Testing Service called Attack Surface Validation for Election Systems which provides complete visibility and prioritization of security vulnerabilities that enables any district to remediate problems before the midterms. Immediate findings are delivered through the RiskSense cloud-service and cover the assessment of a district’s entire voting ecosystem, including devices, applications, databases, networks, etc., for vulnerabilities, missing patches, misconfigurations, and more. RiskSense allows resource and security expert-constrained districts to know what to urgently fix, and receive validation that remediation actions were successful.

“I am not a security expert, but I knew it was important to assess the security of the technology and processes used in my district,” said the New Mexico Secretary of State. “The priorities and prescriptive actions provided to our IT staff by RiskSense allowed us to prepare and remediate quickly as findings came to light with the specialized attack scenarios. We have the results to share amongst our constituents that our district will not be idle nor let our community be vulnerable to tampering.”

Most states and counties still rely on a complex, decentralized and aging election infrastructure. With limited resources and varying levels of cybersecurity expertise, many struggle to stay ahead of the increasing threat of unauthorized access, compromise and cyberattacks. They also lack sufficient experience or funding to adequately assess their potential exposure, and keep up with the threat intelligence and exploits that may be targeting their systems. RiskSense Attack Surface Validation for Election Systems addresses these challenges with a modern approach that delivers findings as they are encountered within the cloud platform.

“While internet-connected systems used for online voter registration and election night reporting have a significant attack surface, an end-to-end assessment of election systems is needed to understand which vulnerabilities truly matter,” said Srinivas Mukkamala, CEO of RiskSense. “RiskSense looks at the security of the entire election ecosystem, including management, infrastructure, voter registration systems, poll books, vote tabulation, publishing systems, and more, to establish vulnerability priorities, and validate and measure the effectiveness of remediation actions.”

Service Overview
RiskSense Attack Surface Validation for Election Systems is comprised of the following five phases:

Passive Reconnaissance: Obtains a comprehensive fingerprint of the client’s test systems through passive reconnaissance. Reconnaissance is used to identify intelligence attackers can collect through passive means, without triggering alerts from security monitoring solutions.

Attack Surface Enumeration: Enumerates the sum of an organization’s security risk exposure.

Automated Scanning: Uses leading network vulnerability scanners to test a targeted network for critical vulnerabilities.

Penetration Testing: Attempts to validate the discovered vulnerabilities manually to determine possible methods of network compromise and/or access to sensitive data. RiskSense uses multiple post-exploitation techniques to properly demonstrate the nature and potential consequences of a breach.

Reporting: Collects all evidence in the form of screenshots, requests, responses, and commands issued during all phases of the assessment. Provides results with details of the exploited vulnerabilities, their severity and recommendations for remediation.

Availability
RiskSense Attack Surface Validation for Election Systems is available immediately. Pricing is based on number of monitored assets.

Resources
White Paper: Election System Security Under Scrutiny
https://risksense.com/wp-content/uploads/2018/09/WhitePaper_ElectionSystems.pdf
Solution Brief: Election Systems - Votes Must Count https://risksense.com/wp-content/uploads/2018/09/SolutionBrief_ElectionsSystems.pdf
The RiskSense Platfom: https://risksense.com/products/the-risksense-platform/
Video: RiskSense Platform Demonstration https://www.youtube.com/watch?v=1_GnFD43m_Y

About RiskSense
RiskSense®, Inc. is the pioneer in risk-based vulnerability prioritization and management. Through AI-assisted pen test services and a cloud-based platform, the company delivers a fully informed picture of organizational cybersecurity risk with our credit-like RiskSense Security Score (RS3), dramatically improving how security and IT teams collaborate and take effective action.

The RiskSense cloud platform correlates customer infrastructure with comprehensive internal and external vulnerability data, threat intelligence, human pen test findings, and business asset criticality to measure risk, provide early warning of weaponization, predict attacks, and prioritize remediation activities to achieve cybersecurity risk goals.

By leveraging RiskSense threat and vulnerability management solutions, organizations significantly shorten time-to-remediation, increase operational efficiency, strengthen their security programs, heighten response readiness, reduce costs, and ultimately reduce attack surface and minimize cyber risks. For more information, please visit www.risksense.com or follow us on Twitter at @RiskSense.

Contacts:

RiskSense
Marc Gendron, +1 781-237-0341
marc@mgpr.net
or
media.relations@risksense.com

Data & News supplied by www.cloudquote.io
Stock quotes supplied by Barchart
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.