SANTA CLARA, Calif., Dec. 13, 2023 /PRNewswire/ -- Forward Networks announced today that it has been named to the Fortune Magazine 2023 Cyber 60 List. Fortune compiled this prestigious list of the 60 most successful companies in the cybersecurity space after reviewing a pool of several hundred entries.

Forward Networks is modernizing the way large networks are managed by providing actionable, accessible, and insightful data that puts operators back in control of the network. Forward's advanced software creates a mathematical model, or digital twin, of the network by collecting and analyzing state and configuration data across all network devices and public cloud environments. The digital twin delivers an always-accurate topology, calculates all possible paths within the network, analyzes detailed behavioral information, makes network configuration and behavior searchable and verifiable, and proves security compliance. Forward Networks' digital twin supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.

"Robust cybersecurity depends on detailed and accessible network data," said David Erickson, CEO and Co-Founder of Forward Networks. "Several years ago our customers asked us to create features that helped the SecOps team ensure compliance, remediate attacks, and ensure the overall health of their security posture. We've made significant investments in delivering on this request.  Being named to the 2023 Fortune Cyber 60 list is a tremendous honor that validates the security benefits of our network digital twin. We're continuing to develop new security features to protect the network."

Forward Enterprise enables SecOps teams to find misconfigurations and vulnerabilities on hosts and devices before a breach occurs. Using data collected from the network, integration with the NIST database, and integrations with vulnerability scanning and assessment tools, the platform identifies risks and delivers a prioritized remediation plan for SecOps teams. Forward Enterprise's security features include:

About the Fortune Cyber 60
The Cyber 60 was generated from a list of over 200 private cybersecurity companies based on data about funding rounds and valuation from Pitchbook. The companies selected were surveyed and asked to provide growth rate and revenue data in bands, to indicate their relative strength and success in the market. Publicly accessible reporting and other market data were used to add companies to the Pitchbook list. Respondents were required to provide data in order to be considered for the list. FORTUNE reviewed the data and list selection criteria with Lightspeed to ensure a fair and unbiased process. Some companies that chose not to provide data were considered for inclusion on the final list based on previously reported publicly available information. Lightspeed's Enterprise Investment Committee reviewed the final composition of the list prior to publication, in conjunction with FORTUNE. No private data or preferential treatment was given to Lightspeed portfolio companies.

I hate spiders, a lot. But I really hate the idea of a Scattered Spider Attack which can jump between environments that you may have believed were segmented at an alarming rate. That is the stuff of real nightmares for networking and security professionals.

Keeping up with your security posture isn’t easy. We’re all doing our best, but is it good enough? One CISO we talked to hired a consulting firm to map out their security posture. $3 million and 3 months later, they had a security posture matrix that was already out of date. Understanding your security posture is priceless, but only if the information is accurate. This is precisely the knowledge that the SecOps team would need to stop such an attack in its tracks.

Can your organization visualize lateral movement in your network to understand what an attacker can potentially access once inside your network? There may be diagrams that could show this level of data, but let's face it: how often are these updated? The same holds for spreadsheets; this connectivity may live in several spreadsheets, but even if they are updated promptly, how can you correlate this data in an easy-to-understand way? Teams need to understand the potential fallout from the point of view of a compromised host. This is all just in your on-premise infrastructure; what happens when you add the cloud? You just increased the difficulty of obtaining a clear picture of how an attacker can laterally move around the network to impossible.

Using Forward Enterprise's Blast Radius feature gives the appropriate team unprecedented visibility into data that is impossible to piece together in a timely manner without a network digital twin. This gives operators a view into the environment like they have never had before. Suppose you suspect a host is compromised or would like to do a routine audit to ensure your segmentation policies are configured as they should be. By using Forward’s Blast Radius feature, you can see data for both on-premise and cloud endpoints to instantly identify all devices reachable by a compromised host to streamline remediation efforts by quickly disabling the port the device is connected to. This is done for both on-premise devices and in the cloud if there is an integration with endpoint vulnerability scanners like Rapid7 and Tenable.SC to pull in and see pertinent information about the device's vulnerabilities.

By Chiara Regale, VP of Product Management

According to Gartner’s 2023 Emerging Technologies and Trend Impact Radar, Digital Twin technology is shown as having a significant impact in the next one to three years, but what exactly does this technology do? The easiest way to think about a digital twin is Google Maps. Not only does the map provide a digital representation of the roadway, but everything along the route; all of the assets that make up the community, the various stores, gas stations, construction projects, crosswalks, schools etc.

Digital twins are commonly used in various industries, including manufacturing, engineering, healthcare, transportation, and smart cities. They enable organizations to gain insights, optimize performance, and make informed decisions about their physical assets or processes...

[READ MORE on THE FAST MODE]

Cybersecurity is front and center as part of our national defense strategy. Civilian networks responsible for life-sustaining services such as water and power must be protected with the same vigor as networks that host sensitive data.

To accomplish this the Department of Homeland Services developed the Continuous Diagnostics and Mitigation (CDM) program in 2012. CDM supports government-wide and agency-specific efforts to provide risk-based, cost-effective cybersecurity solutions for protecting federal civilian networks by providing financial assistance to civilian government agencies as they focus on improving their security posture by:

Forward Networks is an approved vendor in all 8 functional capability categories. The data collected and analyzed by the Forward Networks platform is instrumental to ensuring that the network security posture matches expectations.

Knowledge-driven Security

Forward Enterprise helps agencies comply with CISA Binding Operational Directive (BOD) 23-1. Using Forward Enterprise, security professionals can identify vulnerabilities before becoming a threat. Because Forward Networks can scan your network multiple times per day without performance degradation, it delivers timely, actionable alerts to security professionals. In conjunction with third-party application integrations, the level of detail in alerts empowers engineers to remediate any errant configurations or known critical vulnerabilities before they cause an incident. The three most popular security use cases are:

To learn more about Forward Networks’ work with federal agencies, visit https://www.forwardnetworks.com/federal/.

Headline grabbing vulnerabilities, like SolarWinds and Log4Shell, target management software and end hosts, but if you search for “most exploited vulnerabilities” on Google, you will quickly learn that some of them directly target network and security devices as well as server load balancers.

These are the 3 most exploited CVEs in the last couple of years:


Would you be surprised to learn that network device operating systems can be vulnerable to security flaws like any other software? To remediate this risk, network and security administrators need a vulnerability management program in place. Having the right processes and technology in place can save time while protecting the network security posture.

A common approach is to split vulnerability management into two phases:

  1. Build a list of affected devices and related vulnerabilities
  2. Prioritize and address these vulnerabilities

Build a list of affected devices and related vulnerabilities 

Publicly disclosed security vulnerabilities have an assigned CVE (Common Vulnerabilities and Exposures) ID number and a severity level based on their impact. CVEs help you to coordinate the efforts to prioritize and address these vulnerabilities to make systems and networks more secure. Most enterprise networks have evolved over time and include devices from several vendors running multiple versions of operating systems. Knowing that a vulnerability was announced doesn’t give a clear picture of the organization's correlative risk.  

Large enterprises do their best to keep an accurate inventory of devices and their state, but given that most companies have experienced mergers, IT department turnover, and are resource constrained, this inventory is rarely current. Because networking vendors typically fix security vulnerabilities by issuing a new OS version, a detailed and up-to-date inventory is paramount. Trying to conduct this analysis manually is expensive, time-consuming, and error prone.

To make the analysis easier, faster, and more reliable, Forward provides a network devices vulnerability analysis that automatically compares the CVE information from the NIST National Vulnerability Database (NVD) with OS version running on the devices in your network.

This analysis provides a list of all possibly affected devices and related vulnerabilities. “Why possibly affected?” you might ask. Keep on reading and you will find out why.

The following screenshot shows an example of network vulnerability analysis in the Forward UI.

Fig 1: Forward device vulnerability analysis

The summary at the top shows the number of CVEs detected as well as the number of devices impacted.

The table shows a summary view of the CVEs including CVE ID, Severity, Description, Impacted OS, Impacted versions, and the number of Possibly impacted devices.

The Details page shows you information about devices that are impacted by that CVE like Device, Model, OS version, and Management IPs.

Fig 2: CVE details page

Prioritize and address vulnerabilities

One of the fundamental issues is that the number of vulnerabilities and devices affected can be overwhelming, making it difficult to prioritize which devices should be updated first. Filtering vulnerabilities by severity provides some help but typically the number of Critical and High severity vulnerabilities is still so high that it‘s challenging to determine a starting point. This is where the notion of “possibly affected devices” becomes pertinent. Some vulnerabilities can impact a device only if specific configurations are present, a specific feature is turned on, or they are deployed in a way that is explained in the CVE. This information is not in the NIST database, network engineers have to research vendor sites such as the Cisco Security Advisory repository to get this level of detail. 

There’s a better way

Monitoring the latest descriptions and automatically checking them against the device configurations in your network is best performed by software — it frees up highly skilled engineers to spend time on proactive strategic initiatives and is far more accurate. For many NOC teams, this capability would be A dream come true, or Like Christmas came early, right?

Well, that is exactly what Forward Enhanced Vulnerability Analysis provides!!

No more manual, tedious, and error-prone hunting for those configs on every single “possibly affected” device, one by one, that would take forever.

Just an always accurate, always updated list of devices that are actually vulnerable! Remediation efforts can be prioritized based on risk severity to ensure effort is directed to keeping the network as safe as possible.The screenshot below shows the Detected based on field. This field indicates that there is an at-risk device in the network that matches the OS version only (OS version match) or is running the impacted OS version and matches the vulnerable configuration (Config match).

Fig 3: Filtering by detection type

Additional resources

Watch this 3 minute video:

Read the use case to learn more about how Forward Enterprise can help limit your CVE exposure. Stay tuned with Forward Networks announcements because some great new innovations about vulnerabilities are...coming soon...

There is no shortage of alerts concerning security vulnerabilities. Unfortunately, the deluge of data available is overwhelming and not specific enough to be actionable. We don’t think that’s very helpful, so we’ve integrated our platform with Rapid7 InsightVM to ensure that our customers have full visibility into their security posture, including endpoints, and that they know how to prioritize remediation.

The Forward Enterprise platform already collects detailed topology, configuration, and state information across the on-premises network. This information and our mathematical model is used to create a digital twin of the network capable of determining all possible traffic paths. Combining this data with the end-point security visibility and analytics of Rapid7 provides SecOps teams unprecedented visibility into their security posture and helps them prioritize vulnerability remediation with mathematical certainty: SecOps teams are now able to identify within seconds which end-host impacted by critical vulnerabilities can be accessed from the internet and which compromised end-hosts can access internal critical infrastructure.

Given the ever-worsening security talent shortage, SecOps teams cannot afford to waste a single second. There are many tools that evaluate device vulnerabilities, but without the knowledge of how that device is connected to the network, security teams only have a limited view of potential exposure. Often, they choose to focus on keeping devices up to date no matter what vulnerabilities are detected, or they focus on vulnerabilities without considering the exposure of individual systems and devices. With the Rapid7 integration, Forward Networks is the only company that can show an organization’s actual risk including on-premises, multi-cloud, and SD-WAN in an actionable single screen. This type of data presentation helps teams focus on the work that will most impact the network.

The Rapid7 integration is part of Forward Networks’ ongoing commitment to support security professionals with actionable data, so less time is spent reacting, and more time is spent enhancing the security posture.

The Rapid7 integration is included in standard Forward Enterprise licensing at no additional cost. Learn more about the security capabilities of Forward Enterprise at: www.forwardnetworks.com/security

Last June, Forward Networks announced several enhancements to the platform designed to help SecOps teams prove compliance, automate CVE (common vulnerabilities and exposures) responses, and remediate threats quickly.

Today, we’re happy to share that we’ve continued to build out our security use cases by adding new functionality to our security posture security matrix (previously known as zone-to-zone security matrix) and delivering Layer 7 application connectivity analysis. The enhancements will help security teams quickly verify compliance with mathematical certainty or instantly identify unwanted connectivity or isolation at L2, L4, and L7.

New options for defining security zones

In its initial release, the security posture matrix feature used firewall rules to determine if zones had full, partial, or zero connectivity (and if the isolation was intentional or due to misconfiguration). We used this methodology in our first release because it's commonly relied on and understood by enterprise IT shops. However, with our expansion into the cloud and continued focus on providing value to our customers with minimal change to their routines, we’ve added new ways to define zones using the L2 through L4 segmentation methodology they’ve employed in their network, e.g. VRFs, on-premises and cloud subnets, and cloud security groups. This enhancement provides engineering teams the flexibility to view the matrix in the same manner as they’ve segmented their network.

In the Security Posture matrix, admins can immediately see which zones have full connectivity, partial connectivity, or zero connectivity (full isolation). Unlike traditional security tools, Forward Enterprise analyzes L2 through L4 traffic patterns, which makes it simple for administrators to determine if isolation is due to security policies or if access is dropping due to a misconfigured router, thus giving a full picture of what is happening, and why it is happening in a single-pane-of-glass.

Layer 7 Security Analysis

As security becomes more advanced, vendors such as Palo Alto Networks and Silver Peak have added the ability to regulate connectivity at L7 using attributes such as user IDs, user group IDs, and application IDs. This gives administrators more flexibility and granular control for protecting the network. To ensure that this flexibility comes with insight, Forward Enterprise has added path search capabilities at L7. Now, using the same procedure as L2 and L4 path tracing, administrators can construct more intelligent queries that detail connectivity and security posture at the application and user ID level.

By providing connectivity traceability at L7, we are enriching the troubleshooting capabilities for administrators, so they spend less time trying to define the problem and more time on proactive strategic initiatives. Within seconds, a path trace can determine if a connectivity issue is caused by application configuration or device configuration, putting the administrator that much closer to solving the issue.

As always, we are committed to making hard things easy for operations engineers. We are excited to offer these new capabilities within the platform and will continue to find new ways to glean insight into network behavior and present them in a normalized (vendor agnostic), intuitive, and actionable manner.

Forward Enterprise Makes the Cloud More Agile, Predictable, and Secure

SANTA CLARA, Calif., Feb. 23, 2022 /PRNewswire/ -- Forward Networks, the only company offering visibility and intent capabilities across the entire network estate, including on-premises, hybrid-cloud, private cloud, public cloud, and multi-cloud instances, today announced enhancements to the Forward Enterprise platform. Forward Enterprise now provides unprecedented visibility into network configuration and behavior in an actionable, vendor-agnostic format, enabling all organizations to conduct business in the cloud with certainty. In addition, the new cloud capabilities give IT teams a 360-degree view of both physical and virtual environments, as well as a single pane of glass for end-to-end in-depth connectivity analysis and policy and security verification.

Forward Enterprise creates a digital twin of an enterprise environment across on-premises devices, as well as hybrid multi-cloud environments. IT teams can instantly troubleshoot, verify intent, and predict network behavior by computing all possible traffic paths. The new platform enhancements also ensure security policies are enforced and prevent costly multi-cloud routing mistakes.

"For enterprises running large and complex networks, the cloud promised agility, economics, and security, but it has delivered complexity, expense, and risk," said David Erickson, Co-Founder and CEO, Forward Networks. "Our new platform enhancements were developed after listening to our customers detail their pain points and will help enterprises take the next right step in their cloud journey. They now have the same visibility and transparency into multi-cloud network traffic as on-prem environments and can be confident that they have the necessary information to make networks more reliable and secure."

CLOUD WITH CONFIDENCE
Unlike the proprietary tools cloud providers offer subscribers, Forward Enterprise provides visibility, insight, and troubleshooting capabilities across multiple clouds. Using this insight, professionals can often remediate potential problems before they materialize, saving time and money. Forward Enterprise is the only platform on the market capable of building a software model of all major networking vendors and services at scale, including for hybrid multi-cloud environments. It also offers complete integration with the top cloud platforms, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). In addition, the platform computes all possible traffic paths for unparalleled insight into network behavior, including how some changes can impact network behavior and compliance verification.

The new capabilities are generally available today, and pricing is based on pay-as-you-grow cloud consumption that does not require a large upfront investment.

About Forward Networks
Forward Networks is revolutionizing the way large networks are managed. Forward's advanced software delivers a "digital twin" of the network, enabling network operators to verify intent, predict network behavior, and simplify network management. The platform supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.

Forward Networks was founded in 2013 by four Stanford Ph.D. graduates and is headquartered in Santa Clara, California. Investors include Goldman Sachs, Andreessen Horowitz, Threshold Ventures, and A. Capital.

Top cross