Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Forescout Technologies Inc.

Forescout Technologies Inc. Vendor Cyber Rating & Cyber Score

forescout.com

For more than 25 years, Fortune 100 organizations, government agencies, and large enterprises have trusted Forescout as their foundation to manage cyber risk, ensure compliance, and mitigate threats. The Forescout 4D Platform™ delivers comprehensive asset intelligence, continuous assessment, and ongoing control over all managed and unmanaged, agented and un-agentable assets across IT, OT, IoT, and IoMT environments. Forescout’s open platform makes every cybersecurity investment more effective with seamless data integrations and automated workflow orchestration across more than 100 security and IT products.


FTI A.I CyberSecurity Scoring

FTI
Company Information
Website:http://www.forescout.com
Employees number:1,317
Number of followers:70,260
NAICS:541514
Industry Type:Computer and Network Security
Homepage:forescout.com
FTI Risk Score (AI oriented)
Between 750 and 799
logo
FTIComputer and Network Security
Updated:
01/05/2026
758/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
FTI Global Score (TPRM)
xxxx
logo
FTIComputer and Network Security
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

FTI
FTIFair
Current Score
758Baa (FAIR)
01000
1 incidents
-1 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
759Before Incident
JUNE 2026
759Before Incident
MAY 2026
758Before Incident
APRIL 2026
758Before Incident
MARCH 2026
758Before Incident
FEBRUARY 2026
759Before Incident
Vulnerability
01 Feb 2026FTI
Forescout Technologies: Forescout finds 3.4 million RDP and VNC servers exposed, raising risks to OT and enterprise networks

Millions of RDP and VNC Servers Exposed, Heightening Cybersecurity Risks to Critical Infrastructure

758After Incident
CRITICAL-1
FOR1777631221
Millions of RDP and VNC Servers Exposed, Heightening Cybersecurity Risks to Critical Infrastructure New research from Forescout Technologies’ Vedere Labs reveals a staggering 1.8 million Remote Desktop Protocol (RDP) and 1.6 million Virtual Network Computing (VNC) servers exposed to the internet, creating significant security vulnerabilities across industrial and enterprise environments. China leads in exposure, accounting for 22% of RDP and 70% of VNC servers, followed by the U.S. (20% RDP, 7% VNC) and Germany (8% RDP, 2% VNC). Industry analysis shows retail, services, and education sectors dominate RDP exposure, while education, services, and healthcare lead in VNC exposure. Manufacturing, transportation, and utilities are also heavily impacted. Many exposed systems run outdated software 18% of RDP servers use end-of-life Windows versions, and 42% rely on Windows 10, which no longer receives security updates. Additionally, over 19,000 RDP servers remain vulnerable to the critical BlueKeep flaw, and nearly 60,000 VNC servers have authentication disabled, including 670 directly linked to operational technology (OT) and industrial control systems (ICS). Threat activity is escalating, with hacktivist groups actively sharing tools to identify and exploit vulnerable systems. The REDHEBERG botnet has infected nearly 40,000 exposed VNC assets since February. Since Russia’s invasion of Ukraine in 2022 and the Middle East conflict escalation in early 2026, hacktivist attacks on critical infrastructure have surged. Pro-Russian groups like Cyber Army of Russia Reborn (CARR), NoName057(16), Z-Pentest, and Sector16 have targeted exposed VNC servers, using brute-force attacks and custom tools to gain access. One such tool, the TRK25 ADVANCED SCADA scanner, probes RDP, VNC, and OT-specific protocols like Modbus and OPC, capturing screenshots of compromised systems. Recent incidents include a claimed breach of an Israeli groundwater pumping station and the sale of access to a Czech SCADA system. The risks are compounded by insecure remote access practices in industrial environments. Traditional methods like VPNs and jump hosts often rely on shared credentials and lack granular control, while undocumented access pathways created by OEMs, contractors, or ad hoc connections operate without oversight. Legacy protocols, designed without remote connectivity in mind, further increase vulnerability to misconfigurations and unauthorized access. Limited session visibility exacerbates the problem, as organizations struggle to track who accesses critical systems and what actions they take. Forescout’s research underscores that secure remote access (SRA) in cyber-physical systems (CPS) requires a fundamental shift treating access as a controlled operational workflow rather than a simple network connection. Modern SRA solutions isolate sessions, rendering them as secure, browser-delivered streams to minimize exposure of fragile protocols. However, many organizations remain complacent, treating long-standing remote connections as "trusted" despite their inherent risks. As Mandolini of Forescout noted, these unsecured pathways often overlooked in favor of more complex threat scenarios frequently appear in breach reports under labels like "unauthorized access" or "compromised credentials." The findings highlight an urgent need for improved governance and visibility in remote access management to prevent exploitation of these persistent security gaps.
INCIDENT DETAILS -
TYPE
Exposed ServersVulnerability Exploitation
MOTIVATION
HacktivismFinancial gain (sale of access)Cyber warfare
IMPACT
RDP servers (1.8M)VNC servers (1.6M)Operational Technology (OT)Industrial Control Systems (ICS)Potential unauthorized access to critical infrastructureDisruption of industrial processes
JANUARY 2026
759Before Incident
DECEMBER 2025
759Before Incident
NOVEMBER 2025
759Before Incident
OCTOBER 2025
759Before Incident
SEPTEMBER 2025
759Before Incident
AUGUST 2025
759Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for FTI ?
?
What was FTI's A.I Rankiteo Cyber Score in June 2026 ?
?
What was FTI's A.I Rankiteo Cyber Score in May 2026 ?
?
What was FTI's A.I Rankiteo Cyber Score in April 2026 ?
?
What was FTI's A.I Rankiteo Cyber Score in March 2026 ?
?
What was FTI's A.I Rankiteo Cyber Score in February 2026 ?
?
What was FTI's A.I Rankiteo Cyber Score in January 2026 ?
?
What was FTI's A.I Rankiteo Cyber Score in December 2025 ?
?
What was FTI's A.I Rankiteo Cyber Score in November 2025 ?
?
What was FTI's A.I Rankiteo Cyber Score in October 2025 ?
?
What was FTI's A.I Rankiteo Cyber Score in September 2025 ?
?
What was FTI's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on FTI's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with FTI ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view FTI's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?