DataBee®, a Comcast Company, Introduces Novel and Automated Way to Manage Risk Posed by Asset Exposure and Vulnerabilities
DataBee, a Comcast Company, has launched DataBee for Vulnerability and Asset Exposure Management, an enhanced security solution built on their security, risk and compliance data fabric platform. The new product automates asset and application inventory management while helping teams remediate vulnerabilities and compliance gaps more efficiently.
The solution addresses critical cybersecurity challenges, as vulnerability disclosures increased from 29,000 in 2023 to over 40,000 in 2024, while the exploitation time decreased from 32 days to just 5 days. The platform features automated asset discovery, vulnerability insights, and streamlined remediation processes through patent-pending entity resolution technology.
Key features include automated inventory maintenance, exposure identification, owner discovery, and remediation automation through IT workflow tools. The solution also introduces DataBee EntityViews™ for applications, providing comprehensive application details including users, devices, organization, versions, and associated vulnerabilities.
DataBee, una compagnia di Comcast, ha lanciato DataBee per la gestione delle vulnerabilità e dell'esposizione degli asset, una soluzione di sicurezza avanzata basata sulla loro piattaforma di gestione dei dati relativi a sicurezza, rischio e conformità. Il nuovo prodotto automatizza la gestione dell'inventario di asset e applicazioni, aiutando i team a risolvere le vulnerabilità e colmare le lacune di conformità in modo più efficiente.
La soluzione affronta sfide critiche nel campo della cybersecurity, poiché le segnalazioni di vulnerabilità sono aumentate da 29.000 nel 2023 a oltre 40.000 nel 2024, mentre il tempo di sfruttamento è diminuito da 32 giorni a soli 5 giorni. La piattaforma offre scoperta automatizzata degli asset, approfondimenti sulle vulnerabilità e processi di rimedio semplificati grazie a una tecnologia di risoluzione delle entità in attesa di brevetto.
Le caratteristiche principali includono la manutenzione automatizzata dell'inventario, l'identificazione delle esposizioni, la scoperta dei proprietari e l'automazione del rimedio attraverso strumenti di lavoro IT. La soluzione introduce anche DataBee EntityViews™ per le applicazioni, fornendo dettagli completi sulle applicazioni, inclusi utenti, dispositivi, organizzazione, versioni e vulnerabilità associate.
DataBee, una compañía de Comcast, ha lanzado DataBee para la gestión de vulnerabilidades y exposición de activos, una solución de seguridad mejorada basada en su plataforma de datos de seguridad, riesgo y cumplimiento. El nuevo producto automatiza la gestión del inventario de activos y aplicaciones, ayudando a los equipos a remediar vulnerabilidades y brechas de cumplimiento de manera más eficiente.
La solución aborda desafíos críticos de ciberseguridad, ya que las divulgaciones de vulnerabilidades aumentaron de 29,000 en 2023 a más de 40,000 en 2024, mientras que el tiempo de explotación se redujo de 32 días a solo 5 días. La plataforma cuenta con descubrimiento automatizado de activos, información sobre vulnerabilidades y procesos de remediación simplificados a través de una tecnología de resolución de entidades pendiente de patente.
Las características clave incluyen mantenimiento automatizado del inventario, identificación de exposiciones, descubrimiento de propietarios y automatización de remediación a través de herramientas de flujo de trabajo de TI. La solución también presenta DataBee EntityViews™ para aplicaciones, proporcionando detalles completos sobre las aplicaciones, incluidos usuarios, dispositivos, organización, versiones y vulnerabilidades asociadas.
DataBee는 Comcast의 자회사로, 취약점 및 자산 노출 관리용 DataBee를 출시했습니다. 이는 보안, 위험 및 규정 준수 데이터 패브릭 플랫폼에 기반한 향상된 보안 솔루션입니다. 이 새로운 제품은 자산 및 애플리케이션 인벤토리 관리를 자동화하며, 팀이 취약점을 해결하고 규정 준수 격차를 보다 효율적으로 해소할 수 있도록 돕습니다.
이 솔루션은 사이버 보안의 중요한 도전 과제를 다루고 있으며, 취약점 공개가 2023년 29,000건에서 2024년 40,000건 이상으로 증가한 반면, 악용 시간은 32일에서 단 5일로 감소했습니다. 이 플랫폼은 자동 자산 발견, 취약점 인사이트 및 특허 출원 중인 엔터티 해결 기술을 통한 간소화된 수정 프로세스를 특징으로 합니다.
주요 기능으로는 자동화된 인벤토리 유지 관리, 노출 식별, 소유자 발견 및 IT 워크플로 도구를 통한 수정 자동화가 포함됩니다. 이 솔루션은 또한 애플리케이션에 대한 포괄적인 세부 정보를 제공하는 DataBee EntityViews™를 도입하여 사용자, 장치, 조직, 버전 및 관련 취약성을 포함합니다.
DataBee, une entreprise de Comcast, a lancé DataBee pour la gestion des vulnérabilités et de l'exposition des actifs, une solution de sécurité améliorée basée sur leur plateforme de données de sécurité, de risque et de conformité. Le nouveau produit automatise la gestion de l'inventaire des actifs et des applications, aidant les équipes à remédier aux vulnérabilités et à combler les lacunes de conformité de manière plus efficace.
La solution répond à des défis critiques en matière de cybersécurité, les divulgations de vulnérabilités ayant augmenté de 29 000 en 2023 à plus de 40 000 en 2024, tandis que le temps d'exploitation a diminué de 32 jours à seulement 5 jours. La plateforme propose une découverte automatisée des actifs, des informations sur les vulnérabilités et des processus de remédiation rationalisés grâce à une technologie de résolution d'entités en instance de brevet.
Les fonctionnalités clés incluent la maintenance automatisée de l'inventaire, l'identification des expositions, la découverte des propriétaires et l'automatisation de la remédiation via des outils de flux de travail IT. La solution introduit également DataBee EntityViews™ pour les applications, fournissant des détails complets sur les applications, y compris les utilisateurs, les appareils, l'organisation, les versions et les vulnérabilités associées.
DataBee, ein Unternehmen von Comcast, hat DataBee für das Management von Schwachstellen und Asset-Exposition eingeführt, eine verbesserte Sicherheitslösung, die auf ihrer Sicherheits-, Risiko- und Compliance-Datenplattform basiert. Das neue Produkt automatisiert das Asset- und Anwendungsinventarmanagement und hilft Teams, Schwachstellen und Compliance-Lücken effizienter zu beheben.
Die Lösung adressiert kritische Herausforderungen in der Cybersicherheit, da die Offenlegungen von Schwachstellen von 29.000 im Jahr 2023 auf über 40.000 im Jahr 2024 gestiegen sind, während die Ausnutzungszeit von 32 Tagen auf nur 5 Tage gesenkt wurde. Die Plattform bietet automatisierte Asset-Entdeckung, Einblicke in Schwachstellen und optimierte Remediationsprozesse durch eine patentierte Entitätsauflösungstechnologie.
Zu den Hauptfunktionen gehören die automatisierte Pflege des Inventars, die Identifizierung von Expositionen, die Entdeckung von Eigentümern und die Automatisierung der Remedation durch IT-Workflow-Tools. Die Lösung führt auch DataBee EntityViews™ für Anwendungen ein, die umfassende Anwendungsdetails wie Benutzer, Geräte, Organisation, Versionen und zugehörige Schwachstellen bereitstellen.
- Launch of new automated security management solution
- Patent-pending entity resolution technology
- Integration with existing IT workflow tools
- Automated asset and application inventory management capabilities
- Increasing vulnerability threats (40,000 new vulnerabilities in 2024)
- Shortened exploitation window (5 days vs previous 32 days)
DataBee for Vulnerability and Asset Exposure Management helps security and compliance teams quickly and efficiently remediate vulnerabilities and compliance gaps
Application owner discovery is an important capability to have at a time when there’s a dire need to reduce the time from discovery to remediation of vulnerabilities. In 2024, over 40,000 new vulnerabilities were disclosed in public CVE records, up from approximately 29,000 in 20231. While vulnerabilities were exploding in number, the time taken for attackers to exploit new vulnerabilities shrank dramatically – from 32 days in 2022 to just five days in 2023, according to a study conducted by Mandiant2.
“When the cybersecurity team finds a vulnerability, the next challenge is to find the right team and the right person to take action on it,” said Scott Adams, Executive Director of Information Security at Comcast, and a frequent collaborator with the DataBee engineering and product development team. “A great start to improving closure rates includes assigning findings to the right team on day one of the remediation SLA. The challenge is that until you find the right team, very little remediation work is happening to close that vulnerability. But DataBee for Vulnerability and Asset Exposure Management can help change this equation by determining those ‘day one’ team and people assignments.”
DataBee for Vulnerability and Asset Exposure Management expands on an earlier Security Hygiene product and features new Vulnerability Insights, and Asset & Application Inventory consoles in the DataBee UI which provides vulnerability and IT asset managers alike with the ability to:
- Automate asset & application inventory creation and maintenance: The security data fabric weaves together the data you have to create and manage your asset and application inventory
- Accelerate risk reduction through higher quality data: Vendor managed and optimized data mappings reduce complexity to accurately and quickly address exposures
- Discover asset and application owners: Quickly find responsible owners
-
Pinpoint exposures such as:
- Past Due Vulnerabilities: Customize to your SLAs by severity
- Devices that Drop Off of Scans: Based on your organization’s defined scan frequency
- Top Offenders: Rank owners with the most vulnerabilities
- Automate the remediation process: Speed up remediation efforts by creating and assigning tickets to the right owners for patching vulnerabilities using some of the most widely used IT workflow tools
With patent-pending entity resolution underpinning DataBee for Vulnerability and Asset Exposure Management, the solution also uniquely provides DataBee EntityViews™ for applications, a simple way to see all the details about an application including the users, devices, organization, application version and vulnerabilities associated with it.
“Unburdening IT asset managers and vulnerability teams from the time-consuming process of finding owners for unmanaged applications and devices means they can spend more time on the important work of promoting efficient and secure operations,” said Jill Cagliostro, Director of Product Management at DataBee. “It can also help cross-functional conversations go from combative to collaborative because data automation, not laborious guesswork, identifies the rightful owners of assets and applications that need patching or updating.”
Added Nicole Bucala, General Manager of DataBee, “Partnering with our colleagues on Comcast’s cybersecurity and information technology teams, we’ve built an excellent tool for creating and maintaining asset and application inventories, whether you have a CMDB or not. This is an incredibly helpful capability when you consider that asset data is the foundation for almost all security and risk analysis. Given how dynamic the technology landscape is, especially in a large organization, when your CMDB and application list can keep pace with change, it has an amazing ripple effect on the time within which vulnerabilities can be addressed.”
DataBee for Vulnerability and Asset Exposure Management is available now.
1 The CVE Program, Published CVE Records, https://www.cve.org/about/Metrics |
2 Mandiant, Google Cloud blog, October 15, 2024, https://cloud.google.com/blog/topics/threat-intelligence/time-to-exploit-trends-2023/ |
About Comcast Corporation
Comcast Corporation (Nasdaq: CMCSA) is a global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, our businesses reach hundreds of millions of customers, viewers, and guests worldwide. We deliver world-class broadband, wireless, and video through Xfinity, Comcast Business, and Sky; produce, distribute, and stream leading entertainment, sports, and news through brands including NBC, Telemundo, Universal, Peacock, and Sky; and bring incredible theme parks and attractions to life through Universal Destinations & Experiences. Visit www.comcastcorporation.com for more information.
For more information on DataBee, visit databee.buzz.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250305795607/en/
Media Contacts
Joel Shadle
joel_shadle@comcast.com
703.906.2645
Source: DataBee
FAQ
What new security features does CMCSA's DataBee platform introduce in 2024?
How many new vulnerabilities were disclosed in public CVE records for CMCSA's DataBee to address in 2024?
What is the current vulnerability exploitation timeline that DataBee aims to address?
What specific tools does CMCSA's DataBee platform offer for vulnerability management?
