Vulnerability Remediation-as-a-Service (vRaaS)
vRaaS can reduce the time it takes IT Operations teams to remediate vulnerabilities, found by IT Security teams, from days or weeks to minutes or hours.
Today, it can take days or weeks for IT Operations to remediate vulnerabilities found by IT Security, exposing organisations to potential attacks. As a result, mitigating the risk of cyberattacks continues to top CIO and CISO’s list of concerns.
Companies that detect vulnerabilities using Tenable® are focused on seeking out vulnerabilities across the organisation. IT Operations teams using BigFix® systematically find and deploy the right patch for each unique vulnerability identified by Tenable. In many cases, there are communication gaps between the two teams, resulting in excessive manual efforts, spreadsheet errors and a long list of vulnerabilities that remain open.
vRaaS can reduce the time it takes for IT Operations to remediate vulnerabilities found by IT Security from days or weeks to minutes or hours. vRaaS automatically correlates vulnerabilities with the most appropriate patch and configuration settings, enabling organisations to quickly prioritise and deploy remediation actions, reducing the enterprise attack surface. Unlike other solutions, vRaaS leverages the broadest set of remediation capabilities, both in terms of supported OS platforms, and out-of-the-box certified remediations.
Highlights
Dramatically reduce the gap between IT Security and IT Operations, reducing the time required to remediate/close discovered vulnerabilities
Automatically correlate vulnerabilities discovered by Tenable with the recommended remediation Fixlets using the AgentX BigFix superdense engines.
Shrink attack surfaces and close the loop between vulnerability detection and remediation.
No additional agent or relay is required, and there is no impact on the endpoint or network performance.
Three Granular Views
vRaaS provides actionable views of the correlated data from Tenable and AgentX BigFix. Each view helps IT and Security Operators understand the magnitude and severity of the vulnerabilities in different ways to enable effective prioritisation of remediation actions. Operators can leverage interactive visualizations to filter and drill down to more detail associated with the correlated vulnerabilities and devices.
Graphical overview/summary
Comprises three graphs or charts for a high-level visual overview, to enable faster prioritisation across multiple contexts.
- Top 10 Critical Exposures
- Breakdown by CVSS/VPR
- Vulnerabilities by Date Published and Severity
Data view
Depicts vulnerabilities with available Fixlets, along with the number of affected devices in a tabular format. The Data View provides the ability to search each column for a specific value, filter, or sort the values in the column.
Vulnerability view
From the Data view, select a specific vulnerability to view more detail, including vulnerability metadata, available Fixlet content for remediation, applicable devices, and deployment status.
What Our Clients Have To Say
Case Study
Typically, an IT Operations or Security Specialist will spend 2-3 minutes researching the right remediation for each vulnerability. With potentially hundreds or thousands, that is a lot of time spent. vRaaS automates this process with the Advanced Patch Correlation Engine which:
What does this mean in business terms?
An organization with 1,000 running vulnerabilities will spend up to 50 person-hours per assessment cycle researching and correlating available fixes to the correct assets. With vRaaS, this time can be reduced to less than 2 hours by automating manual processes and reducing errors and associated rework. That is 96% less effort!
IT organisation can also quickly implement fixes and effectively prove compliance to auditors and executive stakeholders. With vRaaS, IT Security and IT Operation teams can collaborate effectively to quickly remediate vulnerabilities discovered in a prioritized manner, providing significant operational and organizational value to the CIO and CISO.
vRaaS delivers signification business value by:
- Aligning Security and Operations teams with intelligent automation.
- Compressing security vulnerability remediation times by an order of magnitude.
- Implementing fixes and proving compliance to all stakeholders.
- Reducing enterprise security risk, helping prevent cyberattacks.