Back to blog

Introducing Smart Fix By Rezilion

Aram Peles Chen May 31, 2023
5 minute read
Learn more about Rezilion's Smart Fix Feature

As a part of our mission to improve and accelerate software supply chain security, today we are pleased to unveil Rezilion’s new Smart Fix feature.

Vulnerabilities can pose significant risks to organizations, and we all know it’s vital that they are remediated as soon as possible. But more often than not, patching vulnerabilities is a time-consuming process – and one that can introduce operational risk to an organization if it’s not approached correctly.  Within this process, at best, valuable security and developer bandwidth is eaten up researching the appropriate component version to upgrade to in order to patch the vulnerability, if an upgrade is even available.  At worst, a patch is implemented but it breaks the build, triggering downtime and other issues.

With Smart Fix, Rezilion users can avoid these problems altogether, by receiving guidance on what, where and how to patch…automatically. The Smart Fix capability surfaces information on the best update version available to patch all CVEs with the lowest likelihood of breaking applications or infrastructure.  This information is provided for every vulnerable component that is identified within a customer’s environment. A user can view which of the vulnerable components has a fix by navigating to the Remediation tab in the platform. If a vulnerable component has a fix, the user can open a ticket for one or more vulnerable components and view the fix suggestion versions. Under the field “update version” in the ticket, the user can see the suggested fix version for every vulnerable component. Either the smart Rezilion fix (which considers operational risk) or the latest version is available or the security person can write a custom fix – in which case the security person defines the version. After choosing a version, the user can create the ticket, and all the data including the version chosen will be sent automatically to the developer responsible for fixing it.

When it comes to patching, the most recent update version isn’t always the best to use. Rezilion’s new Smart Fix feature makes it easy for teams to know which upgrade versions are available, and which version to use in order to address software vulnerabilities while minimizing operational risks.

How It Works
Smart Fix guidance is powered by Rezilion’s Next Generation Vulnerability Database (NGVDB), which  maintains an up-to-date record of each component’s unique vulnerability properties and version history. By overlaying this data on top of a customer’s dynamic SBOM, customers can then understand not only where vulnerabilities exist, but if and how to go about addressing them as efficiently as possible.   

For every vulnerable component, we now offer the following information:

Whether there is any fix for it or not – Speed up time to remediate by immediately flagging which vulnerable components have a fix available; Filter the Remediation tab view to triage remediation work accordingly.

Quickly filter to view which components have a fix available.

 

After filtering, users can now see which vulnerable components have a fix available.

After filtering, users can now see which vulnerable components have a fix available.

  • Rezilion Smart Fix – Using a unique algorithm, we calculate the lowest version of a component that solves maximum risk with minimum operational risk. The lower the version, the fewer dependencies it will have to affect, and the less damage it will cause, which is the biggest pain point and fear among developers today. 
  • Latest version – For customers who want to update to the latest version, we also offer the latest version for each vulnerable component. 
  • Custom remediation – There are some components that cannot be upgraded to a newer version. This use case allows security people to text guide their developers on how to address this particular vulnerability. 
  • What you can see on the following image is that components have been resolved (green icon) – that is, components with their specific versions which were present in the environment previously but are not present in the environment anymore and have been resolved. It doesn’t matter if they have vulnerabilities – you don’t have to worry about them.

 For all components - see what of them were resolved already and not. 

 Smart Fix is now available for all supported environments, including both Windows and Linux operating systems. Due to the ever-changing nature of vulnerability remediation, we will continue to improve our algorithm, expand our coverage, and expand our workflow in the months to come.

Want to see how it works?  Book a demo with our technical team today for a personalized tour.

See you soon,

Aram

About the author: Aram Peles Chen is a product manager at Rezilion, specializing in networks and cyber security, and a former officer in unit 8200 (the national cyber unit in the intelligence forces in the IDF). Aram led the development of major features for Rezilion, including the recently added Smart Fix and Enrichment Feeds.

Keep reading

The CVE-2023-5217 Deja Vu – Another Actively Exploited Chrome Vulnerability Affecting a WebM Project Library (libvpx)
Blog

The CVE-2023-5217 Deja Vu – Another Actively Exploited Chrome Vulnerability Affecting a WebM Project Library (libvpx)

Read Now
What Exactly Is Application Security Posture Management?
Blog

What Exactly Is Application Security Posture Management?

Read Now
Rezilion Researchers Uncover New Details on Severity of Google Chrome Zero-Day Vulnerability (CVE-2023-4863)
Blog

Rezilion Researchers Uncover New Details on Severity of Google Chrome Zero-Day Vulnerability (CVE-2023-4863)

Read Now

Reduce your patching efforts by
85% or more in less than 10 minutes

Get Demo