Vulnerability Management, MSP, MSSP, Channel partners

Zafran Security Debuts Vulnerability Detection Tool That Roots Out False Positives

In a dark, textured digital space a red padlock glows atop a small black cube, symbolizing security, protection, and privacy in the world of data and technology..

With its new Zafran Detector continuous vulnerability detection module, Zafran Security says it can help IT security teams find and target real threats that can affect their IT systems, while isolating and not wasting resources on other threats that cause no harm.

The Zafran Detector, the latest component of the company’s unified Threat Exposure Management Platform, is built to help businesses use existing agents and security controls to detect new Common Vulnerabilities and Exposures (CVEs). The detector then assesses the CVEs in real time to determine if they are exploitable within the hybrid environments where they are detected. If they are not exploitable, the Zafran Detector recognizes this and will not waste resources trying to defend against them, according to the company.

The detector is an agentless deployment that uses the deep visibility of an agent-based service while taking a runtime-first approach, Snir Havdala, the co-founder and chief product officer of Zafran Security, told ChannelE2E. By identifying vulnerabilities that are running and exposed in real time using AI, the detector can continuously analyze the data to focus on true threats, he said.

“What sets us apart is the ability to close the loop between detection and action,” said Havdala. “Instead of bolt-on integrations or siloed tools, Zafran uses the first unified data model across detection, scoring, and remediation, enriched with risk context. That means vulnerabilities flagged by Detector can be routed automatically to the right owners using our RemOps engine, with prebuilt workflows in Jira, ServiceNow, and others. It’s not just about identifying risk - it’s about resolving it quickly and reliably.”

The Zafran platform is purpose-built to help MSPs and MSSPs deliver vulnerability management services with less operational burden. “Our agentless, API-driven architecture makes onboarding and managing multiple clients fast and seamless, with no hardware, no scan windows, and no patch dependencies,” said Havdala. By slashing false positives, MSPs and other partners can provide measurable outcomes for customers, he noted.

“Channel partners are a core pillar of our growth strategy,” Havdala emphasized. “We are committed to enabling their success with a platform that makes delivering vulnerability management services easier, faster, and more impactful than ever.”

The Zafran platform with the new Zafran Detector module is available immediately and is delivered as a cloud-hosted platform to customers through channel partners.

Zafran Detector Can Provide a More Targeted Approach, Says Analysts

Paul Nashawaty, principal analyst for AppDev and modernization at theCUBE Research, told ChannelE2E that the new Zafran Detector reflects a strategic shift in vulnerability management.

“By combining the visibility of agent-based tools with the ease of agentless deployment, Zafran delivers continuous, runtime-aware detection that focuses on exploitable risks rather than theoretical CVEs,” he said. “This approach addresses long-standing inefficiencies in traditional scanners and integrates directly into remediation workflows, offering a unified, action-oriented platform.”

This aligns with theCUBE Research findings that 87% of enterprises say the inability to correlate vulnerabilities with actual exploitability slows response times and increases risk, said Nashawaty. "This makes Zafran’s end-to-end, exploit-aware approach a timely evolution in threat exposure management,” he added.

This could be a valuable tool for MSPs responsible for managing security across multiple customer environments. “Its ability to leverage existing agents, operate continuously without intrusive scans, and prioritize exploitable vulnerabilities makes it scalable and efficient for multi-tenant environments. MSPs often struggle with noisy alerts and fragmented tools,” said Nashawaty.

Another analyst, Rob Enderle, principal analyst with Enderle Group, said the benefits of this new capability from Zafran Detector “would be huge in terms of reduced risk from the growing wave of ever-more capable hostile attacks,” including “the increasing wave of AI-based attacks beginning to hit companies globally.”

Enderle called the detector “a very strong initial offering, but I expect it will pale in comparison to future offerings that make even more use of AI to provide even faster and more effective mitigation of the growing exposures from hostile actors.”

Todd R. Weiss

Todd R. Weiss is a contributing editor to ChannelE2E and MSSP Alert. He is an award-winning technology journalist and freelance writer who covers the full range of B2B IT topics. He served as managing editor at EnterpriseAI.news and was a staff writer for Computerworld and eWeek.com. He is a diehard Philadelphia Phillies, Eagles, Flyers and Sixers fan and says he is the world’s worst golfer.

You can skip this ad in 5 seconds