RISK MANAGEMENT

Vulnerability Management Program


Essentials

SecureState’s Vulnerability Management Program is a service offered to efficiently and effectively manage the vulnerabilities on an organization’s external security presence. The ultimate goal of the Vulnerability Management Program is to completely externalize the process with a solution that is superior to, and less expensive than, your current process. To obtain maximum benefit from a Vulnerability Management Program, SecureState would partner with your organization to foster a “joint venture.” Many organizations falsely believe that running a vulnerability scanner against their external presence equates to a Vulnerability Management Program. A vulnerability scanner is merely a tool. The data from a vulnerability scanner is useless unless the organization actively uses it to improve its security posture.

Benefits

In an ever-changing world of new vulnerabilities and associated threats, it is critical to keep an active inventory of external systems, associated ports, services, and applications. If one variable changes, then the associated risk level also changes. With PCI and other regulations requiring regular scanning, the effectiveness of “reactive” scanning has a diminishing return. SecureState addresses the complex demands of enterprise-scale vulnerability management with the ability to combine multiple technologies and methodologies with process-driven design.

Expertise

SecureState has assisted organizations in building automated processes surrounding traditionally manual and decentralized activities. Additionally, we have built components for the aforementioned processes that leverage cutting-edge automation technology. Unlike most companies, SecureState specializes in developing customized security solutions for organizations. We understand what you mean, not what you say. Our size and experience level allow us to provide a solution that truly meets your company’s current and future vulnerability management needs.

Did You Know?

  • Keeping an inventory of external systems, ports, services and applications is critical
  • Vulnerability Management is an ongoing process to find, categorize, and address vulnerabilities in your environment
  • Running a vulnerability scanner such as Qualys, Nessus or Nexpose is not a vulnerability management system
  • When a new system is placed on the Internet, it will be scanned within 15 minutes
  • The weakest link is a system your security team does not know about. Without a strong change management program, it is impossible to know what systems are in your environment.

Our Approach and Methodology

There are many steps involved in a Vulnerability Management Program. A Vulnerability Management Program is a process and not just a one-time assessment.

  • SecureState uses a discovery scan in order to identify all active devices and services on the organization’s external presence.
  • Assets that were identified as part of the discovery scan are placed into groups. Assets are grouped according to business impact, sensitivity of the data processed by the asset, etc.
  • A vulnerability scan is performed on all of the organization’s external assets. The scans will identify missing patches, insecure application configurations, dangerous network services, etc.
  • SecureState assists the organization with vulnerability remediation. SecureState does this by validating vulnerabilities that the scanner identifies, removing false positives, assisting with vulnerability prioritization, and providing details on how to remediate vulnerabilities.
  • Once the organization believes that their vulnerabilities have been remediated, SecureState will rescan devices in order to verify that the vulnerabilities have been remediated or that compensating controls have effectively addressed them. The rescan will also ensure that no new vulnerabilities were introduced into the environment while remediating the old ones.
  • The steps listed above are performed on a quarterly basis. SecureState also helps the organization by performing ongoing tracking, trending, and analysis. In addition, SecureState utilizes manual assessments in order to audit the effectiveness of the Vulnerability Management Program.
 

What Makes Us Different

  • Proven experience creating and maintaining Vulnerability Management Programs
  • Regularly re-evaluates the top vulnerability management tools and scanners to ensure proper use of the best tool for the job
  • SecureState’s vulnerability management experts are frequently published and quoted on the subject of vulnerability management