Cybersecurity Team of the Year – Forescout’s Vedere Labs
Photo Gallery
Cybersecurity Team of the Year – Forescout’s Vedere Labs
Additional Info
Job title of nominated professional (or team name) | Forescout’s Vedere Labs |
Company (where nominated professional or team is working) | Forescout |
Website | https://www.forescout.com/ |
Company size (employees) | 1,000 to 4,999 |
Country | United States |
Headquarters Region | North America |
Overview
Research plays a vital role in helping organizations worldwide stay ahead of current and emerging threat scenarios. Forescout’s research team, Vedere Labs, is dedicated to increasing the visibility of cybersecurity threats and providing mitigation steps that organizations can implement to protect themselves. Vedere Labs gathers intelligence on cyber threats by discovering new attack vectors, analyzing tactics, techniques and procedures (TTPs), and quantifying the global impact of new and evolving threats. The team
enhances risk identification by leveraging insights from The Forescout Device Cloud– one of the world’s largest device repositories containing more than 12 million devices of all types (IT, IoT, IoMT and OT) from more than 1,000 customers who share anonymized device insights. These insights inform the analysis of more than 150 attributes per device to bring increased
intelligence and improved auto-classification to Vedere Labs and the Forescout Continuum Platform.
Vedere Labs shares its insights with the broader cybersecurity community (cybersecurity agencies and researchers, software organizations, governments and device manufacturers) for enhanced incident response, through channels like threat feeds, government advisories, alert systems and via Forescout’s Global Cyber Intelligence Dashboard. Most recently, Vedere Labs shared analysis and mitigation guidance for
critical cyber threats related to OT insecure-by-design functions affecting devices from major OT manufacturers (OT:ICEFALL); a proof-of-concept ransomware that exploits IoT devices to gain access to IT networks and move laterally to impact OT devices (R4IoT); and new vulnerabilities affecting hundreds of medical and IoT device models (Access:7).
Vedere Labs also collaborates with analysts from Forescout’s complimentary threat hunting, risk identification and incident response service– Forescout Frontline– to gather risk insights and mitigation strategies for threats that may otherwise go unnoticed. This service helps understaffed and under-resourced teams combat the rise in scale and speed of cyberattacks, enabling them to defend against cyberattacks.
Accomplishments
Vedere Labs continues to release incredibly critical research on major device vulnerabilities as well as increasingly sophisticated cyberthreats that are on the horizon. In June 2022, Vedere Labs, brought to light one of the largest disclosures of OT security vulnerabilities through its OT:ICEFALL research, uncovering 56 vulnerabilities and insecure-by-design practices for securing OT systems that impact devices from major manufacturers such as Siemens, Emerson and Honeywell. In addition to vulnerability discoveries, Vedere Labs released a first of its kind proof-of-concept for Ransomware for IoT (R4IoT) in June 2022 that informed organizations on the operational and business repercussions that could occur if ransomware infiltrates and exploits IoT devices to gain access into their IT and OT networks Alongside these and other discoveries, Vedere Labs provides mitigation guidance to enable organizations to proactively defend against evolving threats.
- The Forescout Device Cloud is one of the world’s largest device repositories that contains more than 12 million devices of all types (IT, IoT, IoMT and OT) from more than 1,000 customers who share anonymized device insights. These insights inform the analysis of more than 150 attributes per device to bring increased device intelligence and improved auto-classification to Vedere Labs and the Forescout Continuum Platform.
- Vedere Labs supports numerous threat intelligence services from Forescout that keep customers and the broader cybersecurity community aware of the current cyber threat landscape. For example, Vedere Labs shares its vulnerability disclosures and threat monitoring reports via channels like threat feeds, government/CISA advisories, alert systems
and via Forescout’s Global Cyber Intelligence Dashboard. In addition to this information sharing resource, Forescout launched a complimentary threat hunting service, Forescout Frontline, to help organizations defend against cyberattacks by proactively identifying risks and developing mitigation strategies for teams that would not otherwise have the resources to protect themselves.