Origina launches OPTAS to protect unsupported software

Origina has launched OPTAS, a cybersecurity service for enterprises running unsupported software. It is designed to identify and mitigate vulnerabilities before they are publicly disclosed.

The Dublin-based software maintenance provider is targeting organisations that still rely on older versions of business-critical systems after vendor support has ended.

Many large companies continue to use software that remains central to finance, operations and supply chains long after official support has lapsed. In those cases, newly discovered flaws may not receive vendor-issued fixes, leaving internal security teams to assess risks and devise workarounds on their own.

OPTAS combines AI-based analysis with human review to identify the vulnerabilities most likely to affect a customer's environment. It then prioritises those risks and provides mitigation steps that do not depend on a vendor-issued patch.

A recent internal test underpinned the launch. During that work, Origina said it found previously undisclosed vulnerabilities in a widely used enterprise platform before the software vendor had publicly disclosed them.

According to Origina, the vendor confirmed that the affected product version was no longer supported and would not be fixed. The company then developed its own mitigations for affected customers ahead of public disclosure.

Patch gap

The launch reflects a wider cybersecurity debate over how much protection patching alone can provide, particularly in older, more complex enterprise estates. Large organisations often run customised software environments that include open-source components, legacy integrations and configurations that fall outside standard vendor patch cycles.

Origina's analysis of 13 major enterprise platforms found that 74% of vulnerabilities affecting core enterprise software sit in open-source dependencies outside standard original equipment manufacturer patch cycles. It added that organisations relying on patch compliance alone may be addressing as little as 30% of their actual exposure.

This framing positions unsupported software as a persistent, under-examined risk in large enterprises. It also highlights the pressure on security teams, which face a high volume of alerts and vulnerability disclosures while trying to determine which issues present a credible exploitation path in their own systems.

OPTAS assesses a customer's environment across the technology stack, threat exposure, regulatory context and operational constraints. The service is intended to identify the attack paths a real adversary would most likely pursue, rather than flagging every theoretical weakness.

Origina has built its business around providing independent software maintenance for organisations that continue to run mature enterprise systems. It says it supports more than 300 large enterprises and has been recognised by Gartner every year since 2019 as an independent software maintenance partner.

The product also points to a commercial tension between software vendors and customers with long-lived systems. Vendors typically encourage upgrades and migrations as products age, while customers may prefer to retain stable versions for operational or cost reasons.

Origina argued that vendor-led security models do not always match the needs of customers seeking an independent assessment of risk. It added that fear-based messaging around vulnerabilities can reinforce dependence on vendor roadmaps and upgrade cycles.

Rowan O'Donoghue outlined that position at the launch.

"Origina was founded on a simple belief: customers deserve better. They deserve better than fear-led upgrade cycles, better than vulnerability noise without context, and better than being left exposed when the OEM has moved on. From the outset, we made it our mission to deliver world-class protection for the business-critical software our customers depend on. OPTAS is the latest expression of that mission. It gives customers an independent, continuous way to identify, validate, and mitigate vulnerabilities in the software they rely on, so they can operate stable, older versions with confidence in a world no longer defined by OEM dependency," said Rowan O'Donoghue, Chief Innovation Officer & Co-Founder, Origina.

Benjamin Lipczynski set out how the company views the current vulnerability management challenge for large organisations.

"Cybersecurity has become a game of patch whack-a-mole, and AI has only made it faster. OPTAS targets the 1% of vulnerabilities that matter so security teams aren't chasing the 99% that don't. It's a fundamentally different approach, prioritizing intelligence over alerts and validation over volume. We tell organizations exactly where to act, what to prioritize, and what to do about it," said Lipczynski.

The service is available to Origina customers as part of its vulnerability advisory work and is intended to protect systems after vendor support has ended.