Nucleus Security announces Cloud-Native Vulnerability Exposure Management platform

Nucleus Security today announced its Cloud-Native Vulnerability Exposure Management (VEM) solution supporting 135+ cloud asset types, cloud security connectors, and Adaptive Contexts, an innovative method for mapping cloud-native assets to effectively manage risks in dynamic cloud environments. This expansion of the Nucleus Security platform delivers the business-aligned risk and ownership visibility needed to prioritize, assign, and mitigate exposures at scale.

Nucleus’ Adaptive Contexts connects ephemeral risk findings to assets using business context to stabilize risk and ownership visibility across dynamic cloud environments. This release focuses on container images and workloads and will expand to additional cloud-native models. Nucleus enables security teams to understand where the risk on an asset comes from: the container workload, container image, or base image. Automated matching between the assets and each asset’s business context informs teams who should take action and which remediation action to take.

“Cloud-native services and applications are among the fastest-growing attack surfaces. Scanners alone cannot provide the visibility needed to mitigate vulnerabilities across these high-scale, dynamic environments. Security teams need continuous cloud-native exposure management capabilities that enable business-driven risk prioritization and mitigation at scale,” said Steve Carter, co-founder and CEO of Nucleus Security. “Nucleus Cloud-Native VEM with Adaptive Contexts provides the clarity, control, and continuous visibility that security teams require to stay ahead of threats and close gaps.”

Nucleus Adaptive Contexts uses a dynamic tracking mechanism to map ephemeral assets and risks across deployments and versions into a durable vulnerability and asset timeline that preserves the lifecycle of a finding across dynamic environments. This approach allows teams to prioritize exposures and effectively reduce risk over time in dynamic cloud environments, providing the risk and ownership visibility to understand, prioritize, and effectively reduce critical exposures.

Nucleus Adaptive Contexts enables persistent vulnerability and exposure management with:

• Continuous Context—Track and map cloud-native assets and risks into run-time environments, such as sidecar images, workloads, and base images for persistent business-aligned risk context.
• Smart Asset & Finding Correlation—Automatically link cloud-native assets across environments and versions.  Deduplicate findings across multiple versions of the same image or workload to eliminate noise and provide clear risk visibility.
• Integrated Cloud Security Stack—Integrate seamlessly with leading cloud security tools, asset inventories, and cloud platforms to provide a single source of truth for exposure management.

“Threat and exposure management in the cloud introduces an additional layer of complexity. The advantages of cloud-native applications and infrastructure center on the assets' ephemeral nature, which offers distinctive scaling capabilities,” said Tyler Shields, Principal Analyst at Enterprise Strategy Group. “Tracking ownership, mapping threats and exposures, and prioritizing fixes based on a comprehensive contextual understanding in this environment is extremely challenging. Nucleus is addressing this issue directly with the new release of the Adaptive Contexts technology.”

To learn more about Nucleus Cloud-Native VEM with Adaptive Contexts, click here.