10 March 2022

Synack and Accenture—Working Together to Protect the Nation’s Critical Assets

Synack

Synack works with innovative government security leaders who are responsible for protecting their organizations by finding and remediating exploitable vulnerabilities before they can be used by an attacker. In this effort we have formed trusted partnerships with federal agencies and their consultants, helping them to achieve mission-critical goals safely. Synack has worked with more than 30 federal agencies to quickly identify known and unknown vulnerabilities before attackers can take advantage of them. And Synack has received Moderate “In Process” status from the Federal Risk and Authorization and Management Program (FedRAMP) underscoring Synack’s commitment to stringent data and compliance standards. This work is especially important in light of President Biden’s recent cybersecurity memorandum laying out steps that federal agencies need to take to protect the nation’s critical assets – its networks and data.

An example of such recent and essential work brings us back to December 12, 2021, when the U.S. Department of Homeland Security (DHS) issued a warning about the Log4j vulnerability. Federal agencies were required to identify if they had the vulnerability and remediate it by December 24th. The challenge for agencies trying to find this vulnerability was that the effort could take weeks. Synack’s SWAT team was able to identify vulnerability (and variants) in a matter of hours for agencies. Without Synack, this could have taken days or weeks to find. One Synack federal customer was able to successfully test more than 520 active hosts and 200 in a 24-hour period for this critical vulnerability. 

Accenture Federal Services (Accenture) is a premier consultant to cabinet-level federal agencies, providing end-to-end cybersecurity services and skilled professionals to help agencies innovate safely and build cyber resilience. In partnering with Synack, Accenture brings to bear the power and speed of the Synack platform to help federal agencies be more proactive with their cybersecurity practices. Working together, Synack and Accenture are delivering innovative solutions, including continuous security testing, which empowers agencies to quickly detect and remediate vulnerabilities before they can be exploited. Synack’s comprehensive security testing complements Accenture’s hands-on consultative engagements support agencies integrating security into their organization.

Proactive components of security programs are so critical and yet often hard to perform at scale, primarily due to the cyber talent gap. Together, Accenture and Synack are successfully building proactive measures into agency-wide security programs with clear impact and staying power. We are regularly delivering on unprecedented find-to-fix vulnerability cycles, Vulnerability Disclosure Programs VDP (BoD 20-01), and testing in pre-production environments. 

The Power of Synack & Accenture Federal Enables Security Teams for On-Demand Security Testing

  • Penetration testing at scale
  • Nimble responsiveness to time-sensitive customer needs
  • Continuous security posture testing
  • Evaluation of high-value assets and testing of internal, external, and cloud assets
  • Policy and compliance audits

The Synack/Accenture  partnership is a strong example of how Synack can provide a higher level of pentesting and security evaluation to government customers with varying levels of security expertise. In-house pentesting is difficult to scale, but Synack’s community of the world’s most skilled and trusted ethical researchers delivers effective, efficient, and actionable security testing on-demand and at scale, allowing security teams to focus on the vulnerabilities that matter most.