On July 28, a joint cybersecurity advisory was issued and co-authored by the government security bureaus from the US (CISA & FBI), the United Kingdom (NCSC) and Australia (ACSC). The advisory provides details on the top 30 vulnerabilities that have been routinely exploited across the globe by malicious cyber actors in 2020 and so far in 2021. 

All of the common vulnerabilities and exposures (CVEs) identified that malicious cyber actors are exploiting have been publicly known for some time and are through often dated software. Despite that, they are all categorized as either posing critical risk or high risk to any organization running software with these CVEs. 

Organizations continue to fall prey to cyber actors because applying these patches can be difficult and time-consuming, particularly when development teams are already overstretched. 

At RedShield we have assessed the recently published government advisory and its list of top routinely exploited vulnerabilities and can confirm that we are able to immediately shield organizations against exploits targeting 95% of the critical vulnerabilities identified.

Our managed service fixes exploitable elements within the software of web applications and APIs, then adds further protection against Distributed Denial of Service (DDoS), bots, and malicious users.

RedShield CTO Sam Pickles explains “the key element within our technology stack that enables us to fix software vulnerabilities is an edge compute platform. In the case of these vulnerabilities, our developers have created custom software objects called 'shields” that execute on this platform to modify application behavior. With this, we achieve very similar results to a full stack development team without having to have access to, or modify, the application source code.”

He adds that shields can provide immediate peace of mind. “With the shield(s) in place, the customer may still upgrade or patch the systems behind the shields, but they can do so in a planned and managed way, over time.”

Contact us to receive the full shielding plan and detailed mitigations for each vulnerability.

“In the case of these vulnerabilities, our developers have created custom software objects called 'shields” that execute on this platform to modify application behavior. With this we achieve very similar results to a full stack development team without having to have access to, or modify, the application source code.”

Sam Pickles, CTO and Cofounder at RedShield

All News