Post on 10-Aug-2020
SOLUTION BRIEF
Vulnerability Risk Service
Copyright © 2019 BRINQA www.brinqa.com
Knowledge-driven vulnerability risk remediation
CYBER RISKGRAPH
Connects, models and analyzes all relevant security, context and threat data to deliver
knowledge-driven insights for vulnerability prioritization, remediation and reporting.
Foundational Cybersecurity Control
Vulnerability management is on the list of top priorities for forward-thinking security organizations. The Council of Cyber Security emphasizes Vulnerability Assessment and Remediation as one of the top 5 controls that help organizations establish the foundation of security and have the most immediate impact on preventing attacks. Research indicates that for identified vulnerabilities, it typically takes organizations hundreds of days to remediate problems. These numbers indicate that despite a steady increase in the effectiveness of vulnerability assessment tools and in investments in this technology, the benefits have been difficult to realize.
Knowledge-driven, Automated Solution
To effectively protect against existing and emerging threats, security teams must understand and acknowledge the new and expanded scope of modern vulnerability management. Brinqa Vulnerability Risk Service focuses on critical risk functions to deliver true cybersecurity to organizations. The solution uses a risk-based approach to model program scope and context by mapping relevant assets, their dependencies and ownership. It identifies and communicates critical assets in the organization and their impact to business and consolidates vulnerability, threat and asset data from all relevant sources, resolving conflicts or redundancies, and representing data on a normalized scale.
For most organizations, vulnerability assessments result in findings that far exceed the security team’s bandwidth for addressing them. The data overload problem is severely compounded by the host of manual processes commonly employed during detection, validation, and remediation. To combat data overload, most organizations employ some form of vulnerability prioritization, often based on static criteria like CVSS base score. Zero-day vulnerabilities expose how ill-fitting these methods are in the ever-changing threat landscape. With attackers frequently changing strategies and methods, security teams are hard-pressed to keep up. Failing to deliver tangible security benefits, vulnerability management programs often revert to a ‘check-box’ approach that meets compliance requirements but in turn exposes the organization to greater risk.
Brinqa Vulnerability Risk Service derives risk scores for vulnerabilities and assets by correlating with business context, threat intelligence and temporal factors. It prioritizes vulnerabilities for remediation based on impact to business, severity and relevance of compromise to deliver the highest risk-reduction and provides an easy and automated path to remediation. The solution delivers KPIs, KRIs and metrics that communicate key controls, applications, business assets, program status, and remediation statistics to all stakeholders and continuously identifies, integrates and represents changes - in classification, exploitability, impact and status - for closed loop remediation and monitoring.
Vulnerability Risk Management Process
Vulnerabilities On The Rise (Source: National Vulnerability Database)
ABOUT BRINQA
Brinqa empowers customers to own their cyber risk with a unique, knowledge-driven approach to cybersecurity challenges. Brinqa Cyber Risk Graph - the knowledge graph for cybersecurity - connects all relevant security and business data, establishes a common risk language, and powers cybersecurity insights and outcomes. Brinqa Cyber Risk Services apply this knowledge to uniquely inform risk management strategies, standardize security data management and analysis, improve communication between teams, deliver actionable insights and automate risk remediation. With Brinqa, cybersecurity programs and processes will evolve with changing risk priorities, threat landscape and technology trends. Learn more at www.brinqa.com and follow us on Twitter and LinkedIn.
SOLUTION HIGHLIGHTS
Intelligently connect vulnerability, asset and threat intelligence from all sources for complete visibility of cyber risk.
Prioritize remediation to address the most exploited and prevalent vulnerabilities that have the biggest impact to your business.
Eliminate the noise of false positives with a view of all vulnerabilities relative to the magnitude of the threat.
Automate risk-aware, closed-loop remediation of vulnerabilities at scale through creation, tracking and escalation of tickets.
Narrow communication gaps across teams with a common model and language for prioritizing and remediating vulnerability risk.
Communicate real-time program metrics and risk indicators to all key stakeholders.
Asset Management
Accurate inventory of authorized and unauthorized devices is crucial to reducing the ability of attackers to identify and exploit vulnerabilities. Brinqa Vulnerability Risk Service provides easy integration with CMDB, HR, configuration management and active asset discovery to ensure a complete and up-to-date representation of the organization’s assets and hierarchy.
Vulnerability Enumeration
Brinqa Vulnerability Risk Service delivers complete vulnerability identification and enumeration by integrating with vulnerability assessment and monitoring technologies for every aspect of the enterprise IT environment - infrastructure, applications, cloud, containers, and configurations. The connectors support one-click and scheduled synchronization of data while providing administrators with a host of utility functions for reconciling redundancies, duplicates and conflicts.
Integrated Threat Intelligence
Brinqa Vulnerability Risk Service integrates a host of open source and commercial threat feeds into an organization's vulnerability management program - providing comprehensive visibility into known exploits, weaponization, zero-day popularity, pervasiveness and patch availability. This information is crucial to assessing the true impact, likelihood and cost of a vulnerability.
Risk Prioritization
Brinqa Vulnerability Risk Service combines all criteria behind asset criticality, network exposure, and vulnerability severity into an open, transparent, and adjustable risk calculation model. Customers can implement their unique risk perspectives in the prioritization process and focus on what matters most to them.
Risk Remediation
Rule-based automated remediation provides administrators with the ability to create intelligent tickets by grouping vulnerabilities based on inherent characteristics, asset properties, remediation options and ownership. Tickets are created automatically, reducing the remediation gap - the time between vulnerability discovery and remediation. Automated ticket creation improves the effectiveness, efficiency, and consistency of remediation efforts by dynamically enforcing ownership, escalation chains, and SLAs.
Risk Analytics & Communication
Brinqa Vulnerability Risk Service tracks key KRIs, KPIs and program metrics to monitor risk-reduction, remediation time and window of opportunity. The self-service analytics interface allows stakeholders to leverage a library of metrics and reports, or to define their own. The solution comes with a wide variety of technology and business hierarchy based reports targeted for a diverse audience ranging from C-level executives to technical staff.