Tuskira Quell Offers Proactive Zero-Day Defense Before Exploitation
Tuskira's new Quell capability aims to drastically reduce breachable exposure by identifying and mitigating zero-day risks before they can be exploited, even without available patches.
Tuskira has launched Quell, a new capability designed to provide proactive defense against zero-day exploits. Unlike traditional approaches that focus on rapid patching, Quell aims to identify zero-day vulnerabilities that are actively reachable within an organization's specific environment. It then assesses the effectiveness of existing security controls against these threats and recommends compensating controls to mitigate the risk before a patch is even available.
The company claims this exposure-led defense strategy can reduce an organization's breachable exposure by up to 99%. Tuskira cites an example of a global financial services deployment where Quell reduced over 12 million raw findings to just 0.46% actionable risk within weeks, significantly cutting down triage time from three weeks to a mere thirty minutes.
This new approach is positioned as a response to the rapidly changing threat landscape, particularly the acceleration of exploit development and weaponization driven by AI. The disclosure-to-weaponization window for exploits discovered by AI models is now measured in minutes, making the traditional race to patch an increasingly unwinnable strategy. Tuskira argues that in this new era, faster mitigation through existing defenses is paramount, especially when a patch is not yet available.
Quell operates by correlating exposure data, identity information, network reachability, and the live state of existing security controls within Tuskira’s Security Context Graph. When a zero-day vulnerability is identified, Quell models potential attack paths and tests them against current policies and compensating controls. This process reveals 'covered on paper' gaps that remain practically breachable, answering the critical question of whether an organization's existing stack could actually stop a given exploit.
When a zero-day is actively being exploited, Quell's Zero Day Agent ingests live threat intelligence. It maps the exploit's preconditions against the environment to pinpoint which assets are reachable, exploitable, and currently undefended. Instead of waiting for a vendor to release a fix, Quell identifies the most effective compensating control change that can disrupt the exploitation path.
The capability then orchestrates these control changes through existing enterprise security tools such as EDR, firewalls, IAM, WAF, and SIEM, often with analyst approval where required by policy. Crucially, Quell continuously revalidates that the exploit path remains closed as the environment evolves, treating a threat as mitigated only when the exploit can no longer reach its intended target.
With Quell, enterprises can identify zero-days impacting their organization, neutralize zero-day exposure windows within hours without waiting for patches, and validate the effectiveness of compensating controls. The system orchestrates high-leverage control changes to close attack paths and provides proof of mitigation and tracking of resilience gains over time.
"Zero-day response can’t be measured by how fast a ticket gets opened," stated Piyush Sharma, CEO of Tuskira. "It has to be measured by whether the exploit path is closed. Quell does that continuously, even before a patch exists." Quell is available on the Tuskira platform as a standalone capability or as part of its broader Agentic SecOps portfolio.