Catalogs Automates Information Sharing and Collaboration for Faster
Remediation of Vulnerabilities
SUNNYVALE, Calif. (BUSINESS WIRE) lt;a href=”https://twitter.com/hashtag/AppSec?src=hash” target=”_blank”gt;#AppSeclt;/agt; RiskSense , Inc.,
pioneering risk-based vulnerability prioritization and management, today
announced a new version of the RiskSense platform that closes the gap
between security and IT that often prevents vulnerabilities from being
remediated in a timely fashion. New collaboration options include
automated vulnerability updates and findings, support for sophisticated
workflows, and ease of communicating and validating IT remediation
priorities for fighting cyber risk.
According to Gartner, Inc., “Successful realization of standard SOC
capabilities is just not possible without certain inputs from the IT
organization. A collaborative relationship between the SOC and IT teams
such as help desk and network operations center (NOC) is instrumental,
but it’s not enough. Depending on the scope of the SOC project, IT will
need to either establish new or provide access to existing processes…”*
Enhanced Vulnerability Management Visibility and Collaboration
To
help SOC and NOC users prioritize activities based on remediation
projects, regulatory compliance, or other business-specific security use
cases, RiskSense has introduced the following two key enhancements that
simplify the tracking and remediation of security vulnerabilities.
To manage threats from a 360 degree perspective, RiskSense enables users
to tag vulnerabilities explicitly with distinct views filtered by
affected hosts, applications or databases. Users can create tags to
facilitate remediation efforts using one or more of the following tag
types: location, remediation, people, compliance, scanner, CMDB or the
new “project” tag type.
The new project tag allows users to set a determined start and end date
for projects and track it through its lifecycle from the tag view. For
example, if a user wants to track remediation progress by location, they
can choose the location type tag to create a project. These customizable
views allow project owners to more efficiently track both the status and
progress of remediation efforts to meet regulatory compliance
requirements for PCI, HIPAA, and more.
For tighter collaboration between SOC and NOC teams, RiskSense now
offers enhanced bi-directional integration with two ServiceNow
modules:Incident
andService
. With these new integrations, the sharing and updating ofincident or service ticket information is synchronized between the two
systems. This enables organizations that use ServiceNow to manage their
IT infrastructure to provide network, application and database support
teams with up-to-the-minute vulnerability remediation activity details
and status from the RiskSense platform or the ServiceNow interface.
Conversely, SOC teams can monitor and maintain visibility into
remediation actions and progress by their NOC counterparts in the
RiskSense platform.
“Risk and vulnerability management is a collaborative effort between
security operations and network operations teams that requires real-time
information sharing to remediate high-priority threats before they can
be exploited,” said Srinivas Mukkamala, CEO of RiskSense. “We continue
to enhance the RiskSense platform and its workflow capabilities to make
it easier, faster and more automated for organizations to detect and fix
security risks, even if their attack surface is growing faster than the
resources they have to manage it.”
In addition to the ServiceNow functionality, this latest release of the
RiskSense platform also features a new integration with Tanium Comply,
as well as support for Retina’s new Extended Report format.
*Gartner, Inc., How to Plan, Design, Operate and Evolve a SOC , 06
September 2018, by Anton Chuvakin, Augusto Barros, and Anna Belak.
Availability
The new version of the RiskSense platform is
available now.
About RiskSense
RiskSense , Inc. provides
vulnerability prioritization and management to measure and control
cybersecurity risk. The cloud-based RiskSense platform uses a foundation
of risk-based scoring, analytics, and technology-accelerated pen testing
to identify critical security weaknesses with corresponding remediation
action plans, dramatically improving security and IT team efficiency and
effectiveness. For more information, visit www.risksense.com
or follow us on Twitter at @RiskSense.
Contacts
RiskSense
Marc Gendron
+1 781.237.0341
marc@mgpr.netmedia.relations@risksense.com
Do you think you can beat this Sweet post? If so, you may have what it takes to become a Sweetcode contributor...Learn More.