Action1 Disrupts Endpoint Security in Distributed Enterprises

Action1 Corporation, a provider of the risk-based patch management platform designed for work-from-anywhere enterprises, announced plans to invest $20 million in its solution.

The reason for the investment is to close the gap for easy-to-use secure cloud solutions for the remediation of security vulnerabilities on endpoints within distributed networks.

The company plans to allocate funds for R&D, focusing specifically on implementing a zero-knowledge architecture into its platform.

Unpatched vulnerabilities accounted for 82 percent of cyberattacks during the first six months of 2022, making them a leading contributor to breaches. Patching is overlooked due to the complexity of modern IT environments and the lack of automation.

Specifically, 73 percent of enterprises don’t automate third-party patching despite having an average of 67 applications per device.

While cloud-based solutions can address these issues, enterprises are concerned about security risks following software supply chain attacks like SolarWinds and Kaseya, which compromised multiple entities through a single-entry point.

The Action1 cloud-native platform empowers enterprises to remediate security vulnerabilities by streamlining the deployment of OS and third-party updates or implementing compensating controls.

Unlike many other patch management market players that rely on third-party technologies, Action1 uses its own patching engine, ensuring a 99 percent patch success rate.

Through the integration of zero-knowledge architecture, Action1 eliminates the risk of successful supply chain attacks targeting both the platform and its customers, enabling organizations to secure their endpoints with confidence.

The zero-knowledge architecture uses encryption and digital signatures, ensuring that transactions within the system are proven and verified without revealing underlying information.

This additional layer of defense makes it nearly impossible for attackers to establish persistence within the software supply chain in the event of a compromise.

Key elements of the zero-knowledge architecture:

  • End-to-end encryption: Transactions within the system are encrypted, and decryption and execution are only possible with signature keys known only to the system’s administrator.
  • Verification without data revelation: All commands must be verified for identity before execution, but no entity, including the vendor, has a sensitive level of access to the customer’s environment.

Learn more at