Search

Share

Injecting Smart Vulnerability Management (VM) into IT Ops

If you are a follower of our blog series, you will note that we advocate three basic tenets to achieve Smart Vulnerability Management:

 

  1. Full-Stack – A single solution across the entire attack surface – including the network and web applications and API’s – enables one single touchstone of truth.
  2. Hybrid – Scanning solution integrated with human expertise delivers alerts that are virtually 100% free of False Positives.
  3. Ops Integration – Integration with IT Management Service tools ensures the IT Ops staff has accurate ranked business alerts within their systems to ensure optimal remediation SLA’s.

Typically the benefits of the Full-Stack and Hybrid models are top of mind when considering our solution. However, we recently had one of our larger global enterprise clients report back that the Ops Integration feature drove their decision to embrace our Smart Vulnerability Management solution.

Ops Integration provides a huge benefit, enabling the IT department to focus on alerts that really matter without disturbing their daily workflow. This emphasis on their decision-making process highlighted the importance of Ops Integration and inspired us to share the engagement details with our community.

The Details

This client found API discovery and assessment to be particularly challenging. They did not have an accurate solution in play and they did not have an efficient way to communicate with IT which API issues required timely remediation. The client required that their API discovery and assessment solution integrate with their IT service management platform – ServiceNow. They were using the VM Module within ServiceNow.

However, the massive project to create an end-to-end service integration with their current ecosystem of scanning tools was far too expensive and would take too much time. Edgescan provided an ROI analysis showing the amount of headcount and associated cost reduction that the Edgescan API solution would yield. However, the compelling reason driving the client to select the Edgescan solution was that it could quickly integrate with ServiceNow without significant costs. The client had projected an 18-month duration to integrate their original group of scanning tools with ServiceNow. With Edgescan’s hosted platform, the integration only took one month.

 

Accuracy was a Gate Keeper

In addition to saving time on the integration process, the client also enjoyed the accuracy of having false-positive-free output. This was key in driving initial acceptance of the service. Initially Edgescan discovered 2200 API’s when the client’s current solution only reported 500. This was more than enough to impress the client with solution accuracy.

 

Takeaways

What can we learn from an organization that put such an emphasis on Ops Integration?

  1. Getting Priorities Straight – the fact Ops Integration figured so heavily into their decision-making is a reminder of the importance of placing Vulnerability Management intelligence into the hands of those who will fix the issue. Without this in play, Mean-Time to Repair (MTTR) metrics will suffer.
  2. Sheer Number of Automated Scanning Solutions is a Problem – Gartner and others have stated that the overhead costs of managing multiple point scanning solutions is significant. The costs and time to integrate into an IT Management Service tool is yet another reason to consolidate.
  3. Hosted Solutions Offer Integration Advantages – a home-grown ecosystem of Vulnerability Management tools is inherently difficult to integrate. A hosted solution pre-baked with integrations into major IT Service Management tools like ServiceNow enables one to focus on ranking automated alerts for effective remediation times on things that matter.

If you would like to learn more about injecting Smart Vulnerability Management into your IT Operations, click below.

Related Articles

Edgescan, a prominent player in the cybersecurity landscape, has garnered significant attention and praise on Gartner Peer Insights. This platform, …

After discussing CTEM (Continuous Threat and Exposure Management) and ASPM (Application Security Posture Management) recently with some noted industry analysts, …

In the world of cybersecurity, the debate between Continuous Threat Exposure Management (CTEM) and traditional penetration testing is like comparing …