My TechDecisions

Latest News

GRIMM Private Vulnerability Disclosure Program Gets Ahead of the Unknown

ARLINGTON, Va.–(BUSINESS WIRE)–GRIMM, a forward-looking cybersecurity organization led by industry experts, today announced the launch of the company’s new Private Vulnerability Disclosure (PVD) program. This offering allows defenders to get ahead of the attack curve, instead of reacting to unknown threats, by providing previously unknown vulnerabilities.

Subscribers will have access to a stream of high-impact vulnerabilities from GRIMM’s internal research team. Release timing will be at least two weeks before the vulnerabilities are publicly known, allowing partners to defend themselves before most attackers are aware of the vulnerability/vulnerabilities.

Each PVD release will include:

  • Full technical details of the vulnerabilities and affected systems
  • Proof-of-concept exploit, which provides:

    • Verification that specific configurations are (or are not) vulnerable
    • Assessment of defenses to determine true effectiveness
    • Documentation illustrating how the attack works, enabling

      • Blue teams to write robust mitigations and detections
      • Red teams to improve skills on the art of exploitation
  • Instructions on how to quickly mitigate
  • Any indicators of compromise (such as log messages) to speed detection

Because the releases contain only high-impact vulnerabilities, a user’s inbox will not be filled with low-risk or insignificant issues. This means engineers will not waste resources looking into minor issues; rather, resources may focus efforts on the most pressing of challenges.

The security research is done entirely by GRIMM’s internal PVD team. The GRIMM PVD team has decades of experience in the most sensitive environments. Research targets are selected based on extensive threat modeling and our team’s deep background in reverse engineering and vulnerability research. Because GRIMM has a strong commitment to partnership, the PVD program welcomes requests to look into specific software or hardware. GRIMM is able to offer this service to a limited, trusted clientele to ensure that the program is used appropriately while the team works with the vendors for patches.

For more information, contact pvd@grimm-co.com.

About GRIMM

GRIMM is a forward-thinking cybersecurity organization led by industry experts. The company’s practice demonstrates the impact of security risks and provides the technical solutions to address top risks. GRIMM’s expertise is built on operational experience solving advanced cybersecurity problems. For more, go to www.grimm-co.com.

Contacts

Dan Chmielewski

Madison Alexander PR

714-832-8716

949-231-2965

dchm@madisonalexanderpr.com

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

The State of Digital Signage & Video Wall Technology

Digital signs and video walls come in a variety of sizes, configurations and pixel pitches, but they share a common purpose: communicating information

Live Demo: Ensuring Excellent Hybrid Meetings Without Stressing IT Staff

Watch this live demo of AVI-SPL’s meeting room management software Symphony to learn how to ensure positive meeting outcomes and reduce the burden ...

Three Soft Skills IT Pros Need in 2022 and Beyond

Along with a deep understanding of new and emerging technologies and how to apply them to a business, IT professionals also need the requisite soft...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales