arrow down
Arrow down
Arrow down
Arrow down

Platform honored for simplifying vulnerability management in network devices and end-points 

During a very busy RSA Conference, Forward Networks was named a market leader in vulnerability assessment, remediation, and management at the 12th annual Global Infosec Awards hosted by Cyber Defense Magazine. This is the second consecutive year that Forward Networks has taken top honors in security. 

Last year, NIST published 28,902 critical vulnerabilities. The volume and complexity of vulnerabilities make it virtually impossible for IT teams to ensure they are not vulnerable to cyberattacks. Forward Networks helps organizations ensure they are not exposed by creating a network digital twin that identifies exactly which vulnerabilities are present in the network and their severity and then delivers a prioritized remediation plan. Forward’s secure, agentless collection method gathers current device and state information and combines it with Forward’s proprietary mathematical model to create a digital twin of the network.  

It can be difficult to prioritize which vulnerabilities and devices should be updated first. Monitoring the latest descriptions and automatically checking them against the device configurations in the network is best performed by software. Forward Networks eliminates manual, error-prone hunting for those configurations on every single “possibly affected” device. The platform delivers an always accurate list of devices that are actually vulnerable. Remediation efforts can then be prioritized based on risk severity.  

Forward Exposure Analysis combines the host vulnerability data provided by vulnerability scanners like Rapid7 or Tenable with Forward Networks' modeling capabilities to help security teams prioritize vulnerability remediation. By integrating with these tools, Forward Networks empowers security teams to identify in seconds any impacted hosts with critical vulnerabilities that can be accessed from the Internet or any other critical exposure point. This provides SecOps teams with unprecedented visibility into their security posture and helps them prioritize vulnerability remediation with mathematical certainty.  

Many tools evaluate device vulnerabilities, but without the knowledge of how that device is connected to the network, SecOps teams only have a limited view of potential exposure. With established Rapid7 and Tenable integrations, Forward Networks is the only company that can show an organization’s actual risk, including on-premises, multi-cloud, and SD-WAN in an actionable, single screen.  

One of Forward’s customers confided, “Prior to adopting Forward Enterprise, the number of CVEs overwhelmed staff, and we were unable to respond to them all. We claimed the network was in compliance, even though we could not prove it. With Forward Enterprise, we immediately know if a CVE impacts our network, its severity, and have a remediation plan.”  

To learn more about how Forward Networks supports CVE remediation, read the use case or request a personalized technical session with one of our field engineers.

Recently, a critical vulnerability, CVE-2024-3400, was discovered in the Palo Alto Networks PAN-OS software, posing a substantial risk to affected systems. In this blog post, we will discuss the nature of this vulnerability and how Forward Networks can assist organizations in swiftly identifying and addressing their risk exposure.

Understanding CVE-2024-3400:

CVE-2024-3400 is classified as a command injection vulnerability and specifically affects the GlobalProtect feature of Palo Alto Networks PAN-OS software. This vulnerability, present in certain PAN-OS versions and specific feature configurations, enables an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.

Forward Networks OS Vulnerability feature enables customers to immediately identify if their PAN-OS software versions and feature configurations are susceptible to CVE-2024-3400. The easy-to-read report is also exportable, including details on which (if any) devices are impacted to make remediation a simple process.

Example vulnerability report indicating the presence of CVE-2024-3400
Example vulnerability report indicating the presence of CVE-2024-3400

The Forward Enterprise network digital twin is integrated with the National Vulnerability Database (NVD) – in this case, from the NIST website – to provide customers with always accurate insights into their network infrastructure's vulnerability status. API integration with third party applications such as Tenable and Rapid 7 delivers users insights into end-point vulnerability and provides prioritized remediation plans.

To learn more about the Vulnerability Assessment capabilities in Forward Enterprise, please read the use case or view the demo.

In the fast-paced world of cybersecurity, Security Operations (SecOps) teams face an ever-evolving landscape of threats and challenges. As a professional in the NetOps, SecOps, or CloudOps field, you understand the critical importance of staying ahead of cyber adversaries and safeguarding your network infrastructure. That's where Forward Networks steps in, offering innovative solutions that revolutionize SecOps by supercharging your network insights and capabilities.

Our Co-Founder, Nikhil Handigol offers "5 Ways to Supercharge SecOps with Network Insights," where he unveils how SecOps engineers can elevate their SecOps game using digital twin technology. Let's explore five key takeaways that can transform the way you approach security operations:

1. Unlocking Vulnerability Management: Navigating the vast sea of vulnerabilities across servers and applications can be daunting. With a true network digital twin, you can instantly see which vulnerabilities are present in your network ranked by severity, making it easy to prioritize remediation and have mathematical confidence the network is compliant.

2. Attack Surface Management: Understanding your network's attack surface is crucial in fortifying your defenses against cyber threats. With Forward Networks' advanced capabilities, proactively identify areas where your network is out of compliance and analyze your exposure. By visualizing attack vectors and vulnerable hosts, you can proactively defend your network infrastructure.

3. Harnessing the Power of Software: Modern networks demand sophisticated solutions that go beyond use-specific tools. By leveraging network digital twin technology, you can validate your network's security posture with precision. Say goodbye to manual validation processes and embrace the efficiency of AI-driven insights.

4. Enhancing Network Visibility: In the realm of SecOps, visibility is key. Forward Networks' digital twin empowers security engineers with comprehensive insights into network connectivity and configurations. Real-time visibility into your network's traffic flow and behavior enables proactive threat detection and rapid incident response.

5. Transforming Security Operations with Network Insights: Unleash the full potential of your Security Operations Center (SoC) by integrating network insights into your security strategy. With Forward Networks' cutting-edge solutions, bridge the gap between network operations and security, fostering collaboration and efficiency across teams.

Are you eager to learn more? Nikhil goes into greater detail and demonstrates how the network insights delivered by true digital twin technology can supercharge SecOps teams. View the session on demand.

Join the revolution in SecOps with Forward Networks and embrace a future where network security knows no bounds. Stay tuned for more insights, advancements, and partnerships that shape the future of cybersecurity.

SANTA CLARA, Calif., Dec. 13, 2023 /PRNewswire/ -- Forward Networks announced today that it has been named to the Fortune Magazine 2023 Cyber 60 List. Fortune compiled this prestigious list of the 60 most successful companies in the cybersecurity space after reviewing a pool of several hundred entries.

Forward Networks is modernizing the way large networks are managed by providing actionable, accessible, and insightful data that puts operators back in control of the network. Forward's advanced software creates a mathematical model, or digital twin, of the network by collecting and analyzing state and configuration data across all network devices and public cloud environments. The digital twin delivers an always-accurate topology, calculates all possible paths within the network, analyzes detailed behavioral information, makes network configuration and behavior searchable and verifiable, and proves security compliance. Forward Networks' digital twin supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.

"Robust cybersecurity depends on detailed and accessible network data," said David Erickson, CEO and Co-Founder of Forward Networks. "Several years ago our customers asked us to create features that helped the SecOps team ensure compliance, remediate attacks, and ensure the overall health of their security posture. We've made significant investments in delivering on this request.  Being named to the 2023 Fortune Cyber 60 list is a tremendous honor that validates the security benefits of our network digital twin. We're continuing to develop new security features to protect the network."

Forward Enterprise enables SecOps teams to find misconfigurations and vulnerabilities on hosts and devices before a breach occurs. Using data collected from the network, integration with the NIST database, and integrations with vulnerability scanning and assessment tools, the platform identifies risks and delivers a prioritized remediation plan for SecOps teams. Forward Enterprise's security features include:

About the Fortune Cyber 60
The Cyber 60 was generated from a list of over 200 private cybersecurity companies based on data about funding rounds and valuation from Pitchbook. The companies selected were surveyed and asked to provide growth rate and revenue data in bands, to indicate their relative strength and success in the market. Publicly accessible reporting and other market data were used to add companies to the Pitchbook list. Respondents were required to provide data in order to be considered for the list. FORTUNE reviewed the data and list selection criteria with Lightspeed to ensure a fair and unbiased process. Some companies that chose not to provide data were considered for inclusion on the final list based on previously reported publicly available information. Lightspeed's Enterprise Investment Committee reviewed the final composition of the list prior to publication, in conjunction with FORTUNE. No private data or preferential treatment was given to Lightspeed portfolio companies.

By Chiara Regale, VP of Product Management

According to Gartner’s 2023 Emerging Technologies and Trend Impact Radar, Digital Twin technology is shown as having a significant impact in the next one to three years, but what exactly does this technology do? The easiest way to think about a digital twin is Google Maps. Not only does the map provide a digital representation of the roadway, but everything along the route; all of the assets that make up the community, the various stores, gas stations, construction projects, crosswalks, schools etc.

Digital twins are commonly used in various industries, including manufacturing, engineering, healthcare, transportation, and smart cities. They enable organizations to gain insights, optimize performance, and make informed decisions about their physical assets or processes...


Security teams rely on vulnerability scanners to proactively locate vulnerabilities in network
devices, hosts, and applications. These tools help improve the overall security posture of the
network by remediating exposure before bad actors have an opportunity to exploit it.
Although incredibly helpful, the data delivered by these tools is often overwhelming and not
presented in an actionable manner.

Forward Exposure Analysis helps security teams prioritize vulnerability remediation by combining the host vulnerability data provided by vulnerability scanners like Rapid7 InsightVM or Tenable Security Center with Forward Networks' modeling capabilities. By integrating with these popular tools, Forward Networks empowers security teams to identify in seconds any impacted hosts with critical vulnerabilities that can be accessed from the Internet or any other critical exposure point.

The Forward Enterprise platform helps make sense of the extensive data provided by vulnerability scanners by categorizing the data into three segments: Exposure Points, Overview, and Vulnerability Report. The Exposure Points default to the internet, but users can add additional exposure points like VPN connections. The Overview provides a high-level analysis that makes it easy to identify the number of vulnerable hosts and whether those hosts are modeled by Forward Enterprise. The Vulnerability report is perhaps the most valuable, detailing every vulnerable host that is exposed. Exposed host reporting includes:

To see the Exposure Analysis feature in action please watch a short video:

When you think of Cisco Live Las Vegas, what’s the first thing that comes to mind? Is it s'mores, camping, and kayaking? It is for us, which is why we invite you to take some time from the hustle and bustle of the show to relax with us. 

Forward Networks is the only platform that prevents network fires by giving you all the data you need to ensure your network stays in policy and behaves exactly as expected. It takes a lot of stress off of Network Architects and has helped global companies retake control of their hybrid, multi-cloud environments.   

Stop by our tent and talk with one of our technical experts about your worst network challenges, and we’ll work through exactly how to solve it. While you’re in the booth, register to win a YETI cooler and Fuse mountain bike. 

We have lots going on at the show and look forward to seeing you there! 


1:1 Technical Sessions  

Share your networking goals and challenges with one of our field engineers, and we'll provide custom recommendations that address your security, cloud, and network operations challenges. By attending a session, you'll also be entered into an exclusive drawing for an Oru Kayak. If you aren't able to attend Cisco Live but use the link below to schedule an online session, you'll still be entered in the drawing. 

Request a Meeting and Enter to Win a Kayak 

Monday, June 5 

Speaking Session 12:00 - 12:30 p.m. 

Join cofounder and CTO, Brandon Heller, to learn how to “Tame your Beast” – Top 5 Network Issues That a Digital Twin Can Solve in Under a Week.  

If your network beast includes hardware and software from dozens of vendors, spread across multiple data centers and clouds, and runs mission-critical applications with challenging security requirements… then join this 30-minute session featuring real-life examples from large, “beastly” enterprise networks that found a path to reliability, agility, and security. 

Tuesday, June 6 

Speaking Session 12:10 - 12:20 p.m. 

Join cofounder, Nikhil Handigol to learn how to Supercharge your SecOps with Data Insight.  

Join this 10-minute session for lightning demos of two of the best security features of Forward Enterprise that have transformed Vulnerability Management and Incident Management for our customers. Nikhil will explain how a mathematical model, or “digital twin,” of your network enables SecOps teams to prioritize vulnerabilities and respond to security incidents faster and with greater accuracy.  

Headline grabbing vulnerabilities, like SolarWinds and Log4Shell, target management software and end hosts, but if you search for “most exploited vulnerabilities” on Google, you will quickly learn that some of them directly target network and security devices as well as server load balancers.

These are the 3 most exploited CVEs in the last couple of years:

Would you be surprised to learn that network device operating systems can be vulnerable to security flaws like any other software? To remediate this risk, network and security administrators need a vulnerability management program in place. Having the right processes and technology in place can save time while protecting the network security posture.

A common approach is to split vulnerability management into two phases:

  1. Build a list of affected devices and related vulnerabilities
  2. Prioritize and address these vulnerabilities

Build a list of affected devices and related vulnerabilities 

Publicly disclosed security vulnerabilities have an assigned CVE (Common Vulnerabilities and Exposures) ID number and a severity level based on their impact. CVEs help you to coordinate the efforts to prioritize and address these vulnerabilities to make systems and networks more secure. Most enterprise networks have evolved over time and include devices from several vendors running multiple versions of operating systems. Knowing that a vulnerability was announced doesn’t give a clear picture of the organization's correlative risk.  

Large enterprises do their best to keep an accurate inventory of devices and their state, but given that most companies have experienced mergers, IT department turnover, and are resource constrained, this inventory is rarely current. Because networking vendors typically fix security vulnerabilities by issuing a new OS version, a detailed and up-to-date inventory is paramount. Trying to conduct this analysis manually is expensive, time-consuming, and error prone.

To make the analysis easier, faster, and more reliable, Forward provides a network devices vulnerability analysis that automatically compares the CVE information from the NIST National Vulnerability Database (NVD) with OS version running on the devices in your network.

This analysis provides a list of all possibly affected devices and related vulnerabilities. “Why possibly affected?” you might ask. Keep on reading and you will find out why.

The following screenshot shows an example of network vulnerability analysis in the Forward UI.

Fig 1: Forward device vulnerability analysis

The summary at the top shows the number of CVEs detected as well as the number of devices impacted.

The table shows a summary view of the CVEs including CVE ID, Severity, Description, Impacted OS, Impacted versions, and the number of Possibly impacted devices.

The Details page shows you information about devices that are impacted by that CVE like Device, Model, OS version, and Management IPs.

Fig 2: CVE details page

Prioritize and address vulnerabilities

One of the fundamental issues is that the number of vulnerabilities and devices affected can be overwhelming, making it difficult to prioritize which devices should be updated first. Filtering vulnerabilities by severity provides some help but typically the number of Critical and High severity vulnerabilities is still so high that it‘s challenging to determine a starting point. This is where the notion of “possibly affected devices” becomes pertinent. Some vulnerabilities can impact a device only if specific configurations are present, a specific feature is turned on, or they are deployed in a way that is explained in the CVE. This information is not in the NIST database, network engineers have to research vendor sites such as the Cisco Security Advisory repository to get this level of detail. 

There’s a better way

Monitoring the latest descriptions and automatically checking them against the device configurations in your network is best performed by software — it frees up highly skilled engineers to spend time on proactive strategic initiatives and is far more accurate. For many NOC teams, this capability would be A dream come true, or Like Christmas came early, right?

Well, that is exactly what Forward Enhanced Vulnerability Analysis provides!!

No more manual, tedious, and error-prone hunting for those configs on every single “possibly affected” device, one by one, that would take forever.

Just an always accurate, always updated list of devices that are actually vulnerable! Remediation efforts can be prioritized based on risk severity to ensure effort is directed to keeping the network as safe as possible.The screenshot below shows the Detected based on field. This field indicates that there is an at-risk device in the network that matches the OS version only (OS version match) or is running the impacted OS version and matches the vulnerable configuration (Config match).

Fig 3: Filtering by detection type

Additional resources

Watch this 3 minute video:

Read the use case to learn more about how Forward Enterprise can help limit your CVE exposure. Stay tuned with Forward Networks announcements because some great new innovations about vulnerabilities are...coming soon...

Top cross