RapidFort, the San Francisco-based cybersecurity startup pioneering Software Attack Surface Management (SASM), has launched RapidFort Runtime Protection, its flagship runtime toolset. Runtime Protection provides security teams with a deep understanding of their software and the tools needed to automatically mitigate vulnerabilities – significantly reducing the burden on development teams.
Securing trust among customers, stakeholders, and regulators has never been more critical. Government regulatory efforts and an increasingly interconnected technology landscape are driving companies to decrease their overall attack surface. Many are placing extra emphasis on container security as a key part of their risk reduction strategy in order to protect against malware, vulnerabilities, data leaks, human error, and more. Runtime Protection actively scans, profiles, monitors, and secures containers in lower and production environments, pinpointing the vulnerabilities within applications’ execution paths. This enables teams to protect their infrastructure by automatically securing unused components and unnecessary vulnerabilities, ultimately reducing software attack surfaces by 60-90%. With deep insights into their Kubernetes workloads, teams are able to prioritize vulnerabilities, streamline their remediation strategy, and make informed decisions across the board.
“Scaling the remediation of software vulnerabilities has become an intractable problem to solve,” said Dave Neuman, Senior Analyst at Tag-Cyber. “Security professionals are burdened by an overabundance of vulnerabilities and developers are asked to chase CVEs instead of focusing on innovation and new product features. RapidFort is a quantum leap forward. Now security professionals are empowered to solve up to 90% of software vulnerabilities automatically without involving developers. RapidFort’s innovative technology has taken the complex and made it simple, ushering in a whole new way of managing the risk associated with software vulnerabilities at enterprise scale.”
With the addition of RapidFort Runtime Protection, the RapidFort platform is the first solution on the market that offers build-time CI/CD tools and runtime Kubernetes features that work in unison, helping organizations reduce their software attack surface throughout the Software Development Life Cycle and facilitating efficient cooperation between security and development teams. Current industry runtime tools can require up to 30% of compute overhead, which can hinder high-performance cloud-native environments. Runtime Protection was purpose-built to be environment-agnostic and uses less than 1% compute overhead, allowing frictionless deployment in high-traffic Kubernetes environments.
“Trust and compliance are paramount to success in today's business landscape and RapidFort is fundamentally revolutionizing the cloud application security industry by solving one of the most important and complex issues facing organizations today – software vulnerability management,” said Kevin Baldwin, Chief Revenue Officer at RapidFort. “We realized early on we needed to look at the problem differently and that automation was key to solving this issue at scale. The addition of Runtime Protection to our platform’s tool set ensures that, with the push of a button, only the vulnerabilities that materially impact a company's unique environment are identified and remediated. This innovation doesn’t just eat around the edges of the problem. It simply eliminates it.”
RapidFort streamlines vulnerability remediation through a three-step process:
- RF Curated Images: Start with Near Zero CVE Images, hardened to NIST 800-70 standards and FIPS 140-3 validated, providing a secure foundation with daily updates.
- Instrument & Profile: Utilize RF DevTime Protection Tools to generate SBOMs and RBOMs, prioritize vulnerabilities, and apply CIS/STIG benchmarks for proactive security.
- Harden & Defend: Implement RF RunTime Protection Tools to secure unused components, reduce the software attack surface by up to 90%, and enhance efficiency with minimal overhead.
This unified platform enables organizations to remediate up to 95% of vulnerabilities without code changes.
A recent study conducted by RapidFort found that 60-90% of software in modern applications is unused and irrelevant to the execution path. Despite its irrelevance, the unused software is continuously maintained, bogging down security and dev teams while posing significant, unnecessary risk. Through its automatic scanning, monitoring, and hardening capabilities, Runtime Protection identifies this unnecessary code and gives security teams contextual insight into what vulnerabilities matter most so they can remediate risks more efficiently.
To learn more about Runtime Protection and the RapidFort platform, please visit http://rapidfort.com.