Cyber Security Cloud, Inc. (Headquarters: Shinagawa-ku, Tokyo; President and CEO: Toshihiro Koike; hereinafter referred to as "the Company"), a global security company, is pleased to announce that it has added an agentless function as a new feature to its vulnerability management tool, SIDfm VM.
This function allows you to obtain object information for network devices without using agents, automatically detect vulnerabilities, and accurately manage countermeasure status. In addition, we have newly introduced two-factor authentication (2FA) using a TOTP app, making it possible to use the service in a more secure environment.

■ Development Background
In recent years, security incidents caused by vulnerabilities in network devices have been increasing, making their management an urgent issue for companies. While there are tools for cloud instances and servers that obtain configuration information and detect vulnerabilities, the mainstream method of managing network devices in on-premise environments has been detection using external scanners. However, managing vulnerabilities in network devices has the following challenges:

- Insufficient management of firmware version information
Many companies are unable to properly manage firmware version information for their network devices, making it difficult to compare it with the latest vulnerability information.

・Even if you manage versions with an asset management tool, you cannot check against vulnerability information.
Some companies manage firmware versions using asset management tools, but differences in the way versions are written by each vendor make it difficult to accurately match them with vulnerability information.

・Manage vulnerabilities in devices that are difficult to scan externally
Depending on the network environment, external scanners may not be able to adequately detect device vulnerabilities.

-Low accuracy of external scans
Because external scanning relies solely on information available from external sources, it is less accurate and may not provide an accurate risk assessment.

What is the new "agentless function"?
To address these issues, we have added a new feature, the "agentless function." This function enables SIDfm VM to more accurately and efficiently manage the vulnerabilities of network devices.

[Features]
- Agentless acquisition of firmware information for network devices
By using SNMP, you can easily obtain information about network devices without the need for an agent.

- Automatic vulnerability detection and management
Firmware vulnerabilities can be detected in real time, allowing you to accurately grasp the status of countermeasures.

- Covers devices that are difficult to scan externally
It is also possible to manage devices that cannot be detected by external scanners and firmware-level vulnerabilities.

With the introduction of this function, you can easily register a large number of network devices, including internal devices, to SIDfm VM and begin vulnerability management.
Furthermore, by automating the updating of information associated with device firmware updates, unnecessary vulnerability notifications can be reduced, reducing the burden on administrators while allowing accurate status understanding and reducing workload. This allows companies to strengthen the security of their entire network, improve the efficiency of vulnerability management, and optimize operations.

We will continue to support corporate security measures through SIDfm, aiming to create a safer IT environment.

・ SIDfm VM service site: https://sid-fm.com/vm/

<Currently supported network devices>
Fortinet FortiOS, F5 Networks BIG-IP, ArubaOS, Cisco IOS XE, Cisco IOS XR, Cisco IOS, Cisco NX-OS, A10 Networks ACOS, SonicWall SonicOS, Alaxala Networks AX-series

We plan to gradually add more compatible devices. The future compatible devices are as follows:
YAMAHA RTX-series, Juniper Networks Junos OS, Ivanti Connect Secure, Pulse Secure Pulse Connect Secure

■About the vulnerability information collection and management tool "SIDfm"
SIDfm is a vulnerability information collection and management tool that streamlines vulnerability response operations. It automatically collects and accumulates vulnerability information for OS, applications, and network products from around the world. With a function that allows you to quickly identify only the information that is necessary for your company, you can see at a glance the vulnerabilities that need to be addressed and the details of the measures to be taken. In addition, it can even record and manage the progress of vulnerability countermeasures.

The biggest feature of "SIDfm" is the quality of its content. Security analysts interpret metadata from NVD, KEV, vendor advisory information, JVN, and other sources from an expert perspective, assess risk, and provide vulnerability information with "unique indicators" and "explanations in Japanese." With just the information from "SIDfm," you can immediately understand and grasp the affected versions and countermeasures in Japanese from the overview, allowing you to focus resources on addressing vulnerabilities that should be prioritized.

About Cyber Security Cloud, Inc.
Address: 13th floor, JR Tokyu Meguro Building, 3-1-1 Kami-Osaki, Shinagawa-ku, Tokyo
Representative: Toshihiro Koike Representative Director, President and CEO
Established: August 2010
URL: https://www.cscloud.co.jp/
With the corporate philosophy of "creating a cyberspace that people all over the world can use safely and securely," we are a Japanese security manufacturer that provides vulnerability information collection and management tools and fully managed security services for cloud environments, centered on web application security services that make full use of the world's leading cyber threat intelligence. As one of the global companies in cybersecurity, we will contribute to solving social issues related to cybersecurity and provide added value to society.