Macnica signs first primary agency agreement in Japan with ULTRA RED, a provider of military-grade EASM in Israel, a cyber powerhouse. Prevents exploitation of vulnerabilities and provides continuous "external asset discovery & critical vulnerability detection"

Macnica (Headquarters: Yokohama, Kanagawa, Japan, President: Kazumasa Hara, hereinafter Macnica), a total Services & Solutions provider in semiconductor, network, cyber security, and AI/IoT, announces that it has signed a primary distributor agreement with ULTRA RED Ltd. (headquartered in Tel Aviv, Israel; Eran Shtauber, CEO; hereinafter "ULTRA RED"), the first primary distributor in Japan. ULTRA RED will provide the solution "ULTRA RED" to reduce security incident risks in the company and its affiliates in the EASM (External Attack Surface Management) domain, a market that is expected to expand further in the future.

■ Discovery of public assets and detection of vulnerabilities (What is EASM?)
In recent years, with the introduction of telework and the use of cloud services, the number of poorly managed servers and network devices that are open to the public (External Attack Surface) has increased. The number of affected cases is increasing. Therefore, a solution called EASM (External Attack Surface Management), which continuously grasps the external attack surface and manages vulnerabilities, is attracting attention in order to prevent attackers from intruding into the organization.

■ Issues of EASM
While the purpose of the introduction of EASM is to "understand externally disclosed assets" and "manage vulnerabilities", the number of such assets is increasing day by day. In particular, since multiple vulnerabilities exist for a single asset, the number of vulnerability management transactions is enormous, and it is not realistic to immediately respond to all vulnerabilities. In addition, the CVSS score, which is used as a vulnerability evaluation standard, indicates the degree of impact, and there is a problem that it is not necessarily related to whether the vulnerability can actually be exploited (real risk). In addition, there will be delays in response due to lack of IT literacy among asset managers.
To address such issues, it is effective to provide asset managers with appropriate response procedures and implement each response in order of priority based on real risks.

Features of ULTRA RED
Ultra Red has a development base in Israel, one of the world's leading cyber powerhouses, and provides military-level security solutions developed by engineers of the Israeli military's world-class cyber force of 8,200 units. Utilizing the experience and knowledge cultivated in the cyber force and making full use of automated attack simulation technology, it is possible to demonstrate the presence or absence of vulnerabilities inherent in the organization and the effectiveness of intrusion, and to continuously manage them.
ULTRA RED has the following features compared to other EASM solutions, providing asset managers with appropriate information and response procedures, and making decisions based on real risks. .

(1) Risk detection from an attacker's perspective
Using the same TTP (Tactics, Techniques, Procedures) as an actual attacker, it accurately presents possible points of intrusion and attacks. By clarifying points that should be prioritized and automatically detecting risks in advance, it is possible to take countermeasures from an advantageous position over attackers.

(2) Prioritization of vulnerability response based on real risks
It is possible to understand the priority of response by scoring vulnerabilities on a scale of 1 to 5 based on the severity of threats supported by attack emulation.

(3) CTEM (Continuous Threat Exposure Management) platform that integrates three technologies
By combining not only EASM but also attack emulation technology (BAS) using technology cultivated in cyber warfare, information (CTI) including Dark Web, Deep Web, cyber criminal forums and black market transactions, etc. Enables a secure environment

*1: Ascertaining and managing externally exposed areas that may be attacked (EASM)
*2: Attack emulation technology (BAS: Breach & Attack Simulation) using technology cultivated in cyber warfare
*3: Information including Dark Web, Deep Web, cybercriminal forums and black market trading (CTI: Cyber Threat Intelligence)

Macnica will continue to bring the world's most cutting-edge solutions to the Japanese market as quickly as possible and support companies in reducing their security incident risks.

■製品に関するお問い合わせ先
株式会社マクニカ　ULTRA RED担当
TEL：045-476-2010
Email：ULR-info@macnica.co.jp
URL：https://www.macnica.co.jp/business/security/manufacturers/ultrared

[Related information] Importance of ASM (Attack Surface Management) to accurately understand the attack surface:https://mnb.macnica.co.jp/2022/04/asm.html

*Company names and product names mentioned in this text are trademarks or registered trademarks of Macnica and each company.
*The information published in the news release (including product price, specifications, etc.) is current as of the date of announcement. Please note that the information may be subject to change without prior notice.