Rezilion announced the availability of MI-X, a newly created open-source tool developed by Rezilion’s vulnerability research team that made its debut this week at Black Hat Arsenal. Available as a download from the GitHub repository, it is a CLI tool that can help researchers and developers know if their containers and hosts are impacted by a specific vulnerability, thus allowing organizations to target remediation plans more effectively.
“Cybersecurity vendors, software providers and CISA are issuing daily vulnerability disclosures alerting the industry to the fact that all software is built with mistakes that must be addressed, often immediately. With this influx of information, the launch of MI-X offers users a repository of information to validate exploitability of specific vulnerabilities creating more focus and efficiency around patching efforts,” said Yotam Perkal, Director, Vulnerability Research at Rezilion. “As an active participant in the vulnerability research community, this is an impactful milestone for developers and researchers to collaborate and build together.”
Each day, organizations grapple with a litany of critical and zero-day vulnerabilities and scramble to understand if they are affected by that vulnerability before a threat actor figures it out first. Many times, their existing tools cannot help them make this determination. That’s because in order to do so, organizations need to:
What organizations need is a tool that can answer the two questions above. Current vulnerability scanners take too long to scan, don’t factor exploitability, and based on the nature of a specific vulnerability often miss it altogether – as was the case with the recently discovered Log4j vulnerability. The lack of tools gives threat actors a lot of time to exploit a flaw and do major damage.
Using MI-X, organizations can identify and establish the exploitability of 20+ high-profile CVEs within their environment, including hosts and containers. The tool can easily be updated to include coverage for new critical and zero-day vulnerabilities.
The tool will be a key asset to security teams seeking to know if critical bugs are a serious threat to their individual software environment so they can take action. With MI-X, security teams can scan a specific host or container and determine if a high-risk vulnerability is present and exploitable in hosts and containers.
MI-X is ideal for researchers, developers, and very small organizations to quickly detect the presence and exploitability of a known critical CVE so they can eliminate guesswork and focus on remediating what presents a true risk to the environment.
Easily upgradeable to expand coverage of vulnerabilities, by using MI-X, security teams can strategically identify vulnerabilities, without the need for expensive tools. Through MI-X, users can:
The introduction of MI-X is the first of a series of initiatives planned by Rezilion to foster a community around detecting, prioritizing and remediating software vulnerabilities.
For more information on getting started with MI-X, visit https://www.rezilion.com/rezilion-tools/am-i-exploitable/ or join the tool’s open Slack channel at https://www.rezilion.com/lp/join-the-mi-x-community-on-slack/.
Rezilion’s platform automatically secures the software you deliver to customers. Rezilion’s continuous runtime analysis detects vulnerable software components on any layer of the software stack and determines their exploitability, filtering out up to 95% of identified vulnerabilities. Rezilion then automatically mitigates exploitable vulnerabilities across the SDLC, reducing vulnerability backlogs and remediation timelines from months to hours, while giving DevOps teams time back to build.
Learn more about Rezilion’s software attack surface management platform at www.rezilion.com and get a 30-day free trial.
Media Contact:
Danielle Ostrovsky
Hi-Touch PR
410-302-9459
Ostrovsky@Hi-TouchPR.com