NopSec - Company of the Year
Company: NopSec, New York, NY, USA
Company Description: NopSec provides vulnerability management and automated workflow orchestration solutions to help organizations meet compliance and protect businesses from costly security breaches. Unified VRM, powered by E3 Engine, is NopSec’s cloud-based SaaS platform that helps security teams prioritize vulnerabilities, assess potential business impact, validate security controls, and reduce time to remediation.
Nomination Category: Company / Organization Categories
Nomination Sub Category: Company of the Year - Computer Software - Small
Nomination Title: NopSec
Tell the story about what this nominated organization has achieved since 1 January 2017 (up to 650 words). Focus on specific accomplishments, and relate these accomplishments to past performance or industry norms.
NopSec offers a new way for organizations to prioritize and remediate security vulnerabilities through automation and machine learning—drastically reducing the time to remediation. Revolutionizing vulnerability management, the intelligent solution empowers organizations to take a smarter, more targeted approach to proactive remediation to avoid hacker attacks and costly data breaches.
Organizations must rethink their approach to remediating security vulnerabilities. Data overload and false positives are the biggest challenges in prioritizing security risks – creating lag time between detection and remediation of critical threats. Organizations are not able to secure the holes within their environment faster than cybercriminals can exploit them. In fact, recent NopSec research found that 82 percent of organizations think their current remediation process is broken.
NopSec Unified VRM helps security professionals simplify their work, manage vulnerabilities effectively, and make more informed decisions. In less than one year, customers cut their average time to remediation from 190 to under 60 days -- resolving potential issues 3X faster.
Built on a cloud infrastructure, Unified VRM can be operational instantly, and the value can be realized immediately. Its predictive analytics and machine learning models forecast the probability of exploitation so organizations can focus on the threats that pose the most critical risk to their business.
Incredibly simple wizards allow organizations to import vulnerability scan data with just a few clicks, and then the NopSec E3 Engine(launched in May, 2017) instantly goes to work cleansing the data (removing false positives and other irrelevant information), assigning individual threat risk scores and delivering a prioritized list of vulnerabilities. Time to results takes mere hours, depending on the amount of data to be analyzed. Many customers report removing more than 40 percent of the results from a single scan in the way of false positives, duplicates, and other bad data.
Unified VRM then immediately translates this data into rich dashboards and task groups for remediation management—allowing security/IT teams to manage workflow (i.e., assign tickets and tasks), measure progress (i.e., report on ticket status or aging), and establish risk reduction goals across operational teams.
NopSec Unified VRM’s proactive threat remediation is used by organizations worldwide as a way to stay on top of security and the market. Organizations get an advanced look at potential exploits and the associated risks so they can quickly take the necessary corrective action to eliminate those threats -- both to the organization and their customers."
1. A financial institution patched 73% of vulnerabilities within six months thanks to context-enriched prioritization and delegation of duties.
2. A cloud service provider used the unified risk posture view to address vulnerabilities across its IT stack and improve collaboration between systems, development and security teams.
3. A large university provided campus IT teams prioritized results for actionable remediation while providing C-level reporting on overall risk posture across multiple locations.
"The Unified VRM prioritized report of vulnerabilities has eliminated manual spreadsheet work by my team. We reduced our manual tracking and reporting process from weeks to hours,” added Chao Guo, Chief IT Security Officer, Bank of China.
“Unified VRM added order to a vulnerability management process that was getting out of control.” Brian Bartholomew, Suffolk County Government
“It is great to have visibility into our infrastructure and app risk in one place with a scorecard across locations in London, Singapore, Geneva and New York.” Kim Kinser, Hess
According to Arnold Felberbaum, former CISO, adjunct professor in Information Security at NYU Tandon School of Engineering, and strategic advisor to NopSec: "Organizations are finally realizing that the compliance checklist mentality is not enough when it comes to vulnerability management, and that it is essentially worthless when it comes to actual remediation. Properly prioritizing vulnerabilities and working across teams to rapidly remediate the top threats is the only way we can close the gap and keep up with the onslaught of cyber attacks."
In bullet-list form, briefly summarize up to ten (10) of the chief accomplishments of this organization since the beginning of 2017 (up to 150 words).
-NopSec Named Gold Winner of 2018 Most Innovative Cybersecurity Company
-NopSec Cited As A Leader By Independent Research Report on Vulnerability Risk Management
-NopSec's Unified VRM Named Bronze Winner - Best Vulnerability Management Product for 2018
-NopSec named Silver Winner to Best in Biz Awards for Best Enterprise Security Software Product of the Year 2017
-NopSec named Platinum Winner toASTORS Homeland Security Awards for Best Cyber Security Solution Provider for 2017
-NopSec released E3 Engine - World's 1st Automated Security Controls Measurement & Risk Remediation Solution
-NopSec namedCIOReview Magazine's 20 Most Promising Enterprise Security Solution Providers for2017
Of the following measures of success, which ONE do you want the judges to most appreciate about your organization's story of achievement since the beginning of 2017? Technical Innovation