Success in recent attacks targeting auto dealers could trigger the next "Gold Rush." But you can be ready. https://okt.to/ITc1xB
Phosphorus Cybersecurity Inc.
Software Development
Nashville, Tennessee 7,492 followers
The industry’s only xIoT discovery and remediation platform.
About us
Phosphorus Cybersecurity® is the leading CPS Protection Platform delivering a proactive approach to security management for the exploding IoT, OT, IIoT, and IoMT attack surface. Designed to find and secure the rapidly growing, unknown, and often unmonitored world of Cyber-Physical Systems across the xTended Internet of Things landscape, our Unified xIoT Security Management Platform provides unmatched security management and breach prevention across every industry vertical—delivering high-fidelity discovery and risk assessment, proactive hardening and remediation, and continuous monitoring and management. With patented xIoT Intelligent Active Discovery and risk assessment, Phosphorus automates the mitigation and remediation of the most significant IoT, OT, IIoT, and IoMT device vulnerabilities – including unknown and inaccurate asset inventory, default credentials, out-of-date and vulnerable firmware, risky configurations, banned and end-of-life devices, and expired or self-signed certificates.
- Website
-
http://www.phosphorus.io
External link for Phosphorus Cybersecurity Inc.
- Industry
- Software Development
- Company size
- 51-200 employees
- Headquarters
- Nashville, Tennessee
- Type
- Privately Held
- Founded
- 2017
- Specialties
- Cybersecurity, Internet of Things, IoT Security, and OT Security
Products
Phosphorus Unified xIoT Security Management Platform
IoT Security Software
Introducing the Phosphorus Unified xIoT Security Management Platform, the world’s only solution delivering xIoT security management and breach prevention for IoT, OT, IoMT, and IIoT Cyber-Physical Systems (CPS). Only Phosphorus delivers Intelligent Active Discovery, providing the most accurate, safe, and rapid discovery of all xIoT devices. Phosphorus stands alone in its ability to deliver near real-time risk assessment and automate the remediation of the most significant cyber-physical system vulnerabilities — including inaccurate asset inventory, default credentials, insecure configurations, out-of-date certificates, firmware, and more. All without hardware, agents, or hassles.
Locations
-
Primary
1600 West End Avenue, Ste 300
300
Nashville, Tennessee 37203, US
Employees at Phosphorus Cybersecurity Inc.
-
Richard Stiennon
Research Analyst, Author of Security Yearbook 2024 stiennon.substack.com
-
Brian Contos
Serial Entrepreneur | Board Advisor | Investor | Author
-
Genesa Poggioni
Vice President of Customer Success @ Phosphorus CyberSecurity
-
Jon Lusky
Building stuff that works, and fixing stuff that doesn't. Providing technology resources to enable people and Agile teams to be successful and the…
Updates
-
It's all about communication. Whether reaching out to sensitive OT/ICS devices and minimizing or eliminating downtime or logging and monitoring these Cyber-Physical Systems, safe and accurate communication is essential to secure operational technology and industrial control system hardware. https://okt.to/UvPJKo via SC Media
-
We're not done with firmware yet! In light of the recently revealed regreSSHion OpenSSH vulnerability, the #PhosphorusLIVE crew is breaking down how open source leads to issues often getting overlooked, how this situation has evolved, and what it means for you. Register now: https://okt.to/jix8Re Michael Huckaby James McCarthy
-
Register Now | It’s survival of the fastest in sensitive IoT and OT environments, and most organizations aren’t even in the race. 🔗 https://okt.to/AV3z9X
-
-
Have a happy #IndependenceDay this week! 🎆 Keep it cool. Keep it managed. And keep this party going with family, friends, and tasty barbecues (or, even better, some Nashville Hot Chicken). #4thofJuly
-
-
Start to proactively reduce your risk in our 15-Minute xIoT Discovery Suite during #BlackHatUSA. https://okt.to/75jArz Join us at the Four Seasons for hands-on with the Mobile xIoT Lab and the industry's only IoT and OT discovery and remediation platform. You can do it all, and it shouldn't take but a few minutes.
-
-
A high-severity vulnerability (CVSS 8.1) was found in OpenSSH server versions 8.5 to 9.7, allowing unauthenticated remote code execution through a race condition. This flaw can give attackers root access, posing severe risks. In this video, Phosphorus CISO John Terrill tells you what you need to know about this vulnerability, how the situation might evolve, and what you can do right now. 🔍 Discovery and Impact: Originally patched in 2006, the issue resurfaced unnoticed until Qualys' recent discovery. With millions of potentially vulnerable systems globally, a proof-of-concept exploit has already been published, increasing the threat of ransomware and crypto mining attacks. 🔧 Phosphorus is actively tracking this vulnerability and coordinating with vendors for necessary firmware updates. Using Phosphorus Custom Agenda and targeted queries, we can help identify vulnerable devices. Further, we offer mitigation actions through our platform, including disabling SSH services where possible. Our team is assessing threat details to provide actionable intelligence and recommend compensating controls. 🛡️ Protect Your Systems: Patch immediately or apply available mitigations. Disable SSH services on unsupported devices or block port 22 to xIoT devices if network segmentation is in place. Stay vigilant and coordinate with your security teams to mitigate this risk effectively. 🔗 Learn More & Query Details: Use this query, mentioned in the video, on the Phosphorus platform to find vulnerable devices on your network: devices?q=ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_8.5 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_8.6 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_8.7 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_8.8 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_8.9 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.0 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.1 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.2 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.3 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.4 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.5 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.6 OR ssh.tcp.22.banner%3ASSH-2.0-OpenSSH_9.7
-
See every IT and xIoT thing. Respond with unprecedented precision and speed. It's just what we do! You can, too, with ServiceNow and the Phosphorus integration. Learn more: https://okt.to/OYfcmP
-
-
Just in from the xIoT News Desk. 📰 1. Details come out about the FCC's IoT badge program. While a great direction, some would like to see a greater focus on enforcement. 2. And for a short period of time, this camera company made all images and videos from users' homes and businesses public. James McCarthy reported on these important stories before Michael Huckaby took viewers through the Phosphorus Lab today on #PhosphorusLIVE. Register for future sessions here. https://okt.to/TbO7I6 Eric Brown Bryan Van Den Heuvel
-
Many of Cybersecurity and Infrastructure Security Agency's CPGs come down to a new standard in cyber hygiene – one that can require extensive person hours to implement at scale. Meet and exceed these performance goals with Unified xIoT Security Management from Phosphorus. https://okt.to/mVUkq1
-