Good vulnerability management requires constant attention to detail. That effort can be a burden on your security operations team.
The reality is, incident response often takes priority over preventive efforts, starting a negative cycle where your team keeps cleaning up after preventable incidents.
The objective of the managed vulnerability service is to reduce your cyber risk with as little effort from your team as possible. We provide the process framework and manage the details in every process area. Depending on your requirements, we can initiate remediation of some, or all of the vulnerabilities identified – or interface with your operations teams to ensure priority and progress.
The basis for these items is the vulnerability management framework developed in cooperation with major financial institutions and critical infrastructure providers.
Service delivery is built on the Qualys Cloud Platform, and integrates with your existing technology stack, either through plug'n'play connectors or via custom API development.
The service is designed to cover all areas of the vulnerability management framework, so please refer to this section for an introduction of the areas.
The key service areas integrate to provide the best possible data quality:
Asset management
Your existing asset inventory – or inventories – will be integrated with the VMaaS solution so key information is available. Most notably, we track the status of each asset on your network and keep detailed ownership records.
This data feeds into the vulnerability detection step, so we know exactly which assets are covered, and are constantly looking for blind spots to cover.
Vulnerability detection
Agent-based vulnerability detection ensures near-realtime detection of vulnerabilities, but what about devices that doesn’t support agents?
We will track the health of each vulnerability management agent deployed on your assets and ensure that all assets are comprehensively covered, regardless of which vulnerability detection method is best.
Prioritization
Patching everything immediately is not a realistic option. Instead, we must intelligently prioritize how vulnerabilities should be remediated given your existing patch cycle.
Using asset context information and relevant threat intelligence, we track vulnerabilities that should be given high-priority status and remediated quickly.
We provide a process that provides you with the required information to make decisions about these exceptional vulnerabilities, so you avoid interrupting the business unnecessarily.
Remediation
What’s the most efficient way to remediate vulnerabilities? Doing it only once, of course.
Depending on requirements per asset group, we will either interface with your operations teams to ensure comprehensive remediation under the existing patch cycles, or we can remediate the vulnerabilities for you.
Both options can co-exist for example, we can actively remediate vulnerabilities in Adobe software for you, while working with the Networking team to ensure they remediate vulnerabilities in their assets – and we will not touch those.
Reporting
There are three major consumers of information generated by the vulnerability management service, namely
Additionally, data is available to support other functions ad hoc, such as incident response, asset lifecycle management and more.
The information is tailored to these audiences and available in multiple formats.
For the service to work properly, there are a number of dependencies to be established. To facilitate this, we provide a detailed enablement plan outlining requirements that are either "must-have" or "value adding".
The approach guides the efforts to enable the service, and contains multiple quality checkpoints where we ensure that the data and integrations are working as expected.
We also define the service governance to your requirements and existing governance structures.
If you think this service is of interest to you, the best way forward is to see with your own eyes.
Let us organize a show and tell session, where you get to see the service working in our lab and you can see how the service supports your existing cybersecurity elements.
Get in touch here, or call our main number.
NorthX managed services are not meant to operate in isolation.
As we build an increasingly complete inventory of your network, understand your assets and vulnerabilities better, we continuously produce data that is valuable to other functions across your organization.
Asset management practices will benefit from comprehensive scanning techniques as we enrich and normalize essential asset data. Incident Response teams will value the up to date view of known vulnerabilities on assets of interest; Deployment teams will benefit from easy pre-deployment vulnerability assessments; And Patching teams will appreciate specific and prioritized targets of high-priority vulnerabilities to avoid costly emergency patch campaigns.
Cooperating and interacting with relevant teams in your organization is a cornerstone of our managed services and is built into the core service design.