SANTA CLARA, Calif., Dec. 13, 2023 /PRNewswire/ -- Forward Networks announced today that it has been named to the Fortune Magazine 2023 Cyber 60 List. Fortune compiled this prestigious list of the 60 most successful companies in the cybersecurity space after reviewing a pool of several hundred entries.

Forward Networks is modernizing the way large networks are managed by providing actionable, accessible, and insightful data that puts operators back in control of the network. Forward's advanced software creates a mathematical model, or digital twin, of the network by collecting and analyzing state and configuration data across all network devices and public cloud environments. The digital twin delivers an always-accurate topology, calculates all possible paths within the network, analyzes detailed behavioral information, makes network configuration and behavior searchable and verifiable, and proves security compliance. Forward Networks' digital twin supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.

"Robust cybersecurity depends on detailed and accessible network data," said David Erickson, CEO and Co-Founder of Forward Networks. "Several years ago our customers asked us to create features that helped the SecOps team ensure compliance, remediate attacks, and ensure the overall health of their security posture. We've made significant investments in delivering on this request.  Being named to the 2023 Fortune Cyber 60 list is a tremendous honor that validates the security benefits of our network digital twin. We're continuing to develop new security features to protect the network."

Forward Enterprise enables SecOps teams to find misconfigurations and vulnerabilities on hosts and devices before a breach occurs. Using data collected from the network, integration with the NIST database, and integrations with vulnerability scanning and assessment tools, the platform identifies risks and delivers a prioritized remediation plan for SecOps teams. Forward Enterprise's security features include:

About the Fortune Cyber 60
The Cyber 60 was generated from a list of over 200 private cybersecurity companies based on data about funding rounds and valuation from Pitchbook. The companies selected were surveyed and asked to provide growth rate and revenue data in bands, to indicate their relative strength and success in the market. Publicly accessible reporting and other market data were used to add companies to the Pitchbook list. Respondents were required to provide data in order to be considered for the list. FORTUNE reviewed the data and list selection criteria with Lightspeed to ensure a fair and unbiased process. Some companies that chose not to provide data were considered for inclusion on the final list based on previously reported publicly available information. Lightspeed's Enterprise Investment Committee reviewed the final composition of the list prior to publication, in conjunction with FORTUNE. No private data or preferential treatment was given to Lightspeed portfolio companies.

By Chiara Regale, VP of Product Management

According to Gartner’s 2023 Emerging Technologies and Trend Impact Radar, Digital Twin technology is shown as having a significant impact in the next one to three years, but what exactly does this technology do? The easiest way to think about a digital twin is Google Maps. Not only does the map provide a digital representation of the roadway, but everything along the route; all of the assets that make up the community, the various stores, gas stations, construction projects, crosswalks, schools etc.

Digital twins are commonly used in various industries, including manufacturing, engineering, healthcare, transportation, and smart cities. They enable organizations to gain insights, optimize performance, and make informed decisions about their physical assets or processes...

[READ MORE on THE FAST MODE]

Security teams rely on vulnerability scanners to proactively locate vulnerabilities in network
devices, hosts, and applications. These tools help improve the overall security posture of the
network by remediating exposure before bad actors have an opportunity to exploit it.
Although incredibly helpful, the data delivered by these tools is often overwhelming and not
presented in an actionable manner.

Forward Exposure Analysis helps security teams prioritize vulnerability remediation by combining the host vulnerability data provided by vulnerability scanners like Rapid7 InsightVM or Tenable Security Center with Forward Networks' modeling capabilities. By integrating with these popular tools, Forward Networks empowers security teams to identify in seconds any impacted hosts with critical vulnerabilities that can be accessed from the Internet or any other critical exposure point.

The Forward Enterprise platform helps make sense of the extensive data provided by vulnerability scanners by categorizing the data into three segments: Exposure Points, Overview, and Vulnerability Report. The Exposure Points default to the internet, but users can add additional exposure points like VPN connections. The Overview provides a high-level analysis that makes it easy to identify the number of vulnerable hosts and whether those hosts are modeled by Forward Enterprise. The Vulnerability report is perhaps the most valuable, detailing every vulnerable host that is exposed. Exposed host reporting includes:

To see the Exposure Analysis feature in action please watch a short video:

When you think of Cisco Live Las Vegas, what’s the first thing that comes to mind? Is it s'mores, camping, and kayaking? It is for us, which is why we invite you to take some time from the hustle and bustle of the show to relax with us. 

Forward Networks is the only platform that prevents network fires by giving you all the data you need to ensure your network stays in policy and behaves exactly as expected. It takes a lot of stress off of Network Architects and has helped global companies retake control of their hybrid, multi-cloud environments.   

Stop by our tent and talk with one of our technical experts about your worst network challenges, and we’ll work through exactly how to solve it. While you’re in the booth, register to win a YETI cooler and Fuse mountain bike. 

We have lots going on at the show and look forward to seeing you there! 

Daily 

1:1 Technical Sessions  

Share your networking goals and challenges with one of our field engineers, and we'll provide custom recommendations that address your security, cloud, and network operations challenges. By attending a session, you'll also be entered into an exclusive drawing for an Oru Kayak. If you aren't able to attend Cisco Live but use the link below to schedule an online session, you'll still be entered in the drawing. 

Request a Meeting and Enter to Win a Kayak 

Monday, June 5 

Speaking Session 12:00 - 12:30 p.m. 

Join cofounder and CTO, Brandon Heller, to learn how to “Tame your Beast” – Top 5 Network Issues That a Digital Twin Can Solve in Under a Week.  

If your network beast includes hardware and software from dozens of vendors, spread across multiple data centers and clouds, and runs mission-critical applications with challenging security requirements… then join this 30-minute session featuring real-life examples from large, “beastly” enterprise networks that found a path to reliability, agility, and security. 

Tuesday, June 6 

Speaking Session 12:10 - 12:20 p.m. 

Join cofounder, Nikhil Handigol to learn how to Supercharge your SecOps with Data Insight.  

Join this 10-minute session for lightning demos of two of the best security features of Forward Enterprise that have transformed Vulnerability Management and Incident Management for our customers. Nikhil will explain how a mathematical model, or “digital twin,” of your network enables SecOps teams to prioritize vulnerabilities and respond to security incidents faster and with greater accuracy.  

Headline grabbing vulnerabilities, like SolarWinds and Log4Shell, target management software and end hosts, but if you search for “most exploited vulnerabilities” on Google, you will quickly learn that some of them directly target network and security devices as well as server load balancers.

These are the 3 most exploited CVEs in the last couple of years:


Would you be surprised to learn that network device operating systems can be vulnerable to security flaws like any other software? To remediate this risk, network and security administrators need a vulnerability management program in place. Having the right processes and technology in place can save time while protecting the network security posture.

A common approach is to split vulnerability management into two phases:

  1. Build a list of affected devices and related vulnerabilities
  2. Prioritize and address these vulnerabilities

Build a list of affected devices and related vulnerabilities 

Publicly disclosed security vulnerabilities have an assigned CVE (Common Vulnerabilities and Exposures) ID number and a severity level based on their impact. CVEs help you to coordinate the efforts to prioritize and address these vulnerabilities to make systems and networks more secure. Most enterprise networks have evolved over time and include devices from several vendors running multiple versions of operating systems. Knowing that a vulnerability was announced doesn’t give a clear picture of the organization's correlative risk.  

Large enterprises do their best to keep an accurate inventory of devices and their state, but given that most companies have experienced mergers, IT department turnover, and are resource constrained, this inventory is rarely current. Because networking vendors typically fix security vulnerabilities by issuing a new OS version, a detailed and up-to-date inventory is paramount. Trying to conduct this analysis manually is expensive, time-consuming, and error prone.

To make the analysis easier, faster, and more reliable, Forward provides a network devices vulnerability analysis that automatically compares the CVE information from the NIST National Vulnerability Database (NVD) with OS version running on the devices in your network.

This analysis provides a list of all possibly affected devices and related vulnerabilities. “Why possibly affected?” you might ask. Keep on reading and you will find out why.

The following screenshot shows an example of network vulnerability analysis in the Forward UI.

Fig 1: Forward device vulnerability analysis

The summary at the top shows the number of CVEs detected as well as the number of devices impacted.

The table shows a summary view of the CVEs including CVE ID, Severity, Description, Impacted OS, Impacted versions, and the number of Possibly impacted devices.

The Details page shows you information about devices that are impacted by that CVE like Device, Model, OS version, and Management IPs.

Fig 2: CVE details page

Prioritize and address vulnerabilities

One of the fundamental issues is that the number of vulnerabilities and devices affected can be overwhelming, making it difficult to prioritize which devices should be updated first. Filtering vulnerabilities by severity provides some help but typically the number of Critical and High severity vulnerabilities is still so high that it‘s challenging to determine a starting point. This is where the notion of “possibly affected devices” becomes pertinent. Some vulnerabilities can impact a device only if specific configurations are present, a specific feature is turned on, or they are deployed in a way that is explained in the CVE. This information is not in the NIST database, network engineers have to research vendor sites such as the Cisco Security Advisory repository to get this level of detail. 

There’s a better way

Monitoring the latest descriptions and automatically checking them against the device configurations in your network is best performed by software — it frees up highly skilled engineers to spend time on proactive strategic initiatives and is far more accurate. For many NOC teams, this capability would be A dream come true, or Like Christmas came early, right?

Well, that is exactly what Forward Enhanced Vulnerability Analysis provides!!

No more manual, tedious, and error-prone hunting for those configs on every single “possibly affected” device, one by one, that would take forever.

Just an always accurate, always updated list of devices that are actually vulnerable! Remediation efforts can be prioritized based on risk severity to ensure effort is directed to keeping the network as safe as possible.The screenshot below shows the Detected based on field. This field indicates that there is an at-risk device in the network that matches the OS version only (OS version match) or is running the impacted OS version and matches the vulnerable configuration (Config match).

Fig 3: Filtering by detection type

Additional resources

Watch this 3 minute video:

Read the use case to learn more about how Forward Enterprise can help limit your CVE exposure. Stay tuned with Forward Networks announcements because some great new innovations about vulnerabilities are...coming soon...

Top cross