Managed security services


Whenever a new vulnerability is discovered, we will determine if your business is vulnerable and remediate the vulnerability, reducing your total business risk.

Service objective

Good vulnerability management requires constant attention to detail. That effort can be a burden on your security operations team.

The reality is, incident response often takes priority over preventive efforts, starting a negative cycle where your team keeps cleaning up after preventable incidents.

The objective of the managed vulnerability service is to reduce your cyber risk with as little effort from your team as possible. We provide the process framework and manage the details in every process area. Depending on your requirements, we can initiate remediation of some, or all of the vulnerabilities identified – or interface with your operations teams to ensure priority and progress.


The service gives you

  • Access to a constantly up to date inventory of your assets
  • Realtime detection of vulnerabilities on those assets
  • Intelligent prioritization and tracking of vulnerabilities
  • Remediation of vulnerabilities within agreed boundaries
  • Monitoring of emerging threats specific to your business
  • Improvement over time including configuration documentation of your critical assets

The basis for these items is the vulnerability management framework developed in cooperation with major financial institutions and critical infrastructure providers.

Service delivery is built on the Qualys Cloud Platform, and integrates with your existing technology stack, either through plug'n'play connectors or via custom API development.



How it works - the short version

The service is designed to cover all areas of the vulnerability management framework, so please refer to this section for an introduction of the areas.


The key service areas integrate to provide the best possible data quality:

Asset management

Your existing asset inventory – or inventories – will be integrated with the VMaaS solution so key information is available. Most notably, we track the status of each asset on your network and keep detailed ownership records.

This data feeds into the vulnerability detection step, so we know exactly which assets are covered, and are constantly looking for blind spots to cover.


Vulnerability detection

Agent-based vulnerability detection ensures near-realtime detection of vulnerabilities, but what about devices that doesn’t support agents?

We will track the health of each vulnerability management agent deployed on your assets and ensure that all assets are comprehensively covered, regardless of which vulnerability detection method is best.



Patching everything immediately is not a realistic option. Instead, we must intelligently prioritize how vulnerabilities should be remediated given your existing patch cycle.

Using asset context information and relevant threat intelligence, we track vulnerabilities that should be given high-priority status and remediated quickly.

We provide a process that provides you with the required information to make decisions about these exceptional vulnerabilities, so you avoid interrupting the business unnecessarily.



What’s the most efficient way to remediate vulnerabilities? Doing it only once, of course.

Depending on requirements per asset group, we will either interface with your operations teams to ensure comprehensive remediation under the existing patch cycles, or we can remediate the vulnerabilities for you.

Both options can co-exist for example, we can actively remediate vulnerabilities in Adobe software for you, while working with the Networking team to ensure they remediate vulnerabilities in their assets – and we will not touch those.



There are three major consumers of information generated by the vulnerability management service, namely

    1. Executives overseeing multiple patch teams or security in general
    2. Team leads or remediation owners, directly responsible for remediating vulnerabilities on any number of assets
    3. The security team managing the wider security posture

Additionally, data is available to support other functions ad hoc, such as incident response, asset lifecycle management and more.

The information is tailored to these audiences and available in multiple formats.



Service enablement

For the service to work properly, there are a number of dependencies to be established. To facilitate this, we provide a detailed enablement plan outlining requirements that are either "must-have" or "value adding".

The approach guides the efforts to enable the service, and contains multiple quality checkpoints where we ensure that the data and integrations are working as expected.

We also define the service governance to your requirements and existing governance structures.


Next step

If you think this service is of interest to you, the best way forward is to see with your own eyes.

Let us organize a show and tell session, where you get to see the service working in our lab and you can see how the service supports your existing cybersecurity elements.


Get in touch here, or call our main number.

Supports your entire cybersecurity program

NorthX managed services are not meant to operate in isolation.

As we build an increasingly complete inventory of your network, understand your assets and vulnerabilities better, we continuously produce data that is valuable to other functions across your organization.

Asset management practices will benefit from comprehensive scanning techniques as we enrich and normalize essential asset data. Incident Response teams will value the up to date view of known vulnerabilities on assets of interest; Deployment teams will benefit from easy pre-deployment vulnerability assessments; And Patching teams will appreciate specific and prioritized targets of high-priority vulnerabilities to avoid costly emergency patch campaigns.

Cooperating and interacting with relevant teams in  your organization is a cornerstone of our managed services and is built into the core service design.