Vulnerability Management

The key to an effective cyber security strategy

Vulnerability Management / VM

Guaranteeing IT security means reliably detecting vulnerabilities

A successful VM process consists of five phases:

  1. Preparation
    Plan and prepare
  2. Vulnerability Scan
    Search and find vulnerabilities
  3. Define Remediating Actions
    How and when to perform remediation
  4. Implement Remediating Actions
    Define schedules and exclusion procedures
  5. Rescan
    Recurring scans show remediation progress, help identify new risks and reprioritize vulnerability remediation based on current information

SYSback Managed Security Service fine-tunes the entire VM process to fit your business.

Next Generation VM

Artificial intelligence expands capabilities and confronts modern attacks

Endpoint Protection: Real-time monitoring of all endpoints, even those outside your network. This also covers home-office devices and sensitive assets that cannot be actively scanned or are rarely directly connected to your network.

Where will an attacker strike first? Modern, AI-powered vulnerability management prioritizes and assesses risks based on several important factors. In addition to the typical behavior of an attacker, these include, for example, the potential impact on your company. The result is a roadmap, in the sense of an effective strategy, for the order in which the vulnerabilities in your IT environment should be fixed.

You get a complete overview of the risks in your IT infrastructure. With the integration of our Vulnerability Management (VM) into cloud services and your complete physical and virtual infrastructure, you can reliably check and monitor whether the technology used is configured securely. New or changing online devices are immediately detected and will no longer escape the attention of IT security management.

Our VM integrates with CI/CD tools and with public and private container repositories, so containers can be examined for risks before they are deployed. Risk tolerance is individual: customizable thresholds define whether builds are marked as failed, unstable or passed. Previously undetected containers and container hosts are also identified and checked by the integrated vulnerability management.

Targets – e.g. time-related targets or service level agreement targets – can be stored in the VM and their fulfillment monitored. This means that you always have an overview of whether current or regular targets are being achieved within the specified time window and to the specified standard. Newly discovered assets or vulnerabilities are also continuously and automatically integrated into existing SLA targets.

“Where do we stand? – Where do we need to go?” are the core questions of the Compliance Check. The template wizard provides modifiable scan templates for common compliance requirements. This enables quick setup for your own individual security policies as well as relevant external ones, such as CIS, SCADA or GDPR/DSGVO. Based on your individual requirements and the configuration of your company’s IT environment, you can create common benchmarks and define clear, actionable steps to meet all compliance requirements.

In view of the many threats, constantly ensuring a company’s IT security often requires more manpower than is available. Once vulnerabilities are identified, Artificial Intelligence (AI) can be used to quickly and automatically take countermeasures. With Automated Containment, these compensating measures are implemented across your network access control (NAC) systems, firewalls, and endpoint detection and response tools – whether as an interim solution or a long-term solution to reduce exposure.

The job of a dashboard is to show immediately what’s important. From system admin to CISO, each role requires a different view of your IT security. Live dashboards show all values in real time with data from scans, agent data and discovery connections, always clickable for more information. They can be customized and set to the desired level of detail, so role-based dashboards and scorecards show each stakeholder a filtered view of exactly what they are interested in. Saved filters can of course also be shared to facilitate teamwork.

More than a continuous insight into the state of remediation: Our VM can identify particularly effective actions and indicates, for example, when a single patch could already fix tens of vulnerabilities simultaneously. Such remediation tasks are assigned to security teams in real time and can be tracked. By integrating the VM directly into the ticketing systems, we can seamlessly integrate remediation into the IT department’s daily operations.

All assets in the enterprise are per se a target for attack. New and changing assets make monitoring increasingly complex. Support comes from Project Sonar, a Rapid7 research project that regularly scans the public Internet to gain insight into global exposure to common vulnerabilities. Project Sonar helps keep track of all your external assets, both known and unknown, at all times. Sonar data answers questions like “How many hosts on the public Internet are exposed to a risky service like SMB?”, “What operating systems are running on these endpoints?”, or “How many DNS names under a domain owned by an organization have been discovered and resolved on the public Internet?”.

Timely information: To protect your business, especially from current and immediate threats, and to respond quickly to critical, known vulnerabilities, we have integrated threat feeds from recognized researchers into our Vulnerability Management. These feeds report on the latest attacker methods and the threats most relevant to your company’s IT environment.

Automated remediation is resource-efficient: We can automate the compilation of key information and the retrieval of fixes for identified vulnerabilities and, if appropriate and/or approved, the application of patches. The subsequent reassessment of the affected assets to verify the successful patching process can be automated as well.

Next Generation VM: Artificial intelligence expands the capabilities of vulnerability management

AI-Powered VM

IT security also for the requirements of a modern, complex IT landscape of tomorrow

  • Integration of almost any existing VM scanner
  • Integration of SAST, DAST, SCA security testing tools, bug bounty programs and configuration management databases (CMDBs)
  • Threat Intelligence
  • Database of 7 billion known vulnerabilities
  • Reassessment of vulnerabilities using:
    • Threat Intelligence
    • Natural Language Processing improves the evaluation of natural language information in text form about vulnerabilities and threat data
    • Predictive Modeling increases the accuracy of predicting whether a new vulnerability has a relevant damage potential to 94

Determination of the most sensible remediation sequence possible: “Risk before asset count”.

What is VM?

“Vulnerability” according to ISO 27002:
“Weakness of an asset … that can be exploited by one or more threats”.

In IT, Vulnerability Management / VM is the process of identifying vulnerabilities combined with evaluating the resulting risks.

Based on this, either a correction / remediation of the respective vulnerability or its formal acceptance by the company management follows. This may be the case if, for example, the impact of an attack would be low or the cost of fixing the vulnerability would be disproportionate to the maximum suspected damage.

Vulnerability management / VM should not be confused with simply searching for vulnerabilities. Both – vulnerability search and vulnerability management – belong inseparably together, but represent different concepts:

  • Vulnerability Search
    uses software to identify vulnerabilities in networks, IT infrastructure or applications
  • Vulnerability Management
    on the other hand, is the entire process around vulnerability scanning, which includes other aspects such as risk acceptance and remediation.

Vulnerability search and vulnerability management

Why VM?

Vulnerability Management / VM uncovers IT vulnerabilities

Vulnerability Management / VM is an important management process in every company to control risks and ensure IT security.

Advancing digitalization and the associated increasing risks in the area of computer crime demand increased attention to information security in the company. The threat does not even have to come from a malicious outside attacker: danger also arises from within through human carelessness. In addition, inadequately defined work processes can lead to serious problems.

Only if an organization has a constant up-to-date overview of possible IT vulnerabilities and knows the associated risks can it react. In this way, it can take appropriate measures to prevent attackers from causing damage or acquiring information without authorization.