Mature vulnerability management provides the best return on invest in protecting an enterprise against breaches.
We provide a holistic vulnerability management service tailored to the customer's needs incorporating vulnerability advisory services, vulnerability scans, false-positive validation, adapted scoring of identified issues, issue reporting, issue dispatching inside your organization and vulnerability resolution consulting.
Define the Enterprise Vulnerability Management Policy
Vulnerability Management is team sport involving different team players from security architecture, cyber security, security monitoring, IT operations, risk, compliance and more. In order for every team member of all those different departments to understand his roles and responsibilities, there should be clearly defined rules. Together with out customers we define the Enterprise Vulnerability Management Policy (the rule book) by which all team players need to act. We create a Policy which we agree with all involved stakeholders in an iterative manner, to create a rule book which is agreeable for all participants and meets the security demands of the Enterprise. We follow the
IDENTIFY -> PRIORITIZE -> SCAN -> REPORT -> MITIGATE -> MEASURE -> REPEAT
lifecycle of vulnerabilities. We dive deep into every step of the process to ensure that roles and responsibilities in each phase are clear. We cover edge cases (e.g. 0-day handling, emergency procedures, escalation management) so that every next step of the process is well defined and team players have a clear path.
Security Vulnerability Management as a Managed Service
Our managed service covers all steps of the Vulnerability Management lifecycle. Together with our customers we identify the scope of the assets and regularly adapt it. We prioritize assets and ensure scans are performed on an agreed schedule and cadence. We validate scan results and adapt vulnerability scores to reflect the actual risk for the customer's environment. We create a comprehensible report, which we distribute to customers through agreed channels. We validate fixes and mitigations either with the next scan cycle or on-demand once a fix has been implemented.
We provide three fixed price shirt sized packages for small and medium size customers. Please contact us at firstname.lastname@example.org