Independent technology advisory company 451 Research recently published a report that provides lots of great insights into the vulnerability management space and our place within it. Here’s a particularly noteworthy excerpt – if your vulnerability scanners are producing reports the size of phone books, you will definitely recognize the data overload issue that analyst Adrian Sanabria is describing.
The base problem is that few enterprises have the resources or time to fix all discovered vulnerabilities. Many can't even tackle all the critical findings. With limited ability to address these issues, the typical enterprise is faced with shifting to a different IT architecture/approach (e.g., the cloud, devops), or taking an approach that ensures that limited efforts are focused on fixing issues that are in fact most urgent, rather than ones that might seem most urgent.
Core Insight is the company's newest product, and represents the largest market growth opportunity for the company. The product's purpose is to ingest vulnerability data from a variety of sources, to be consolidated, normalized and prioritized. Insight can parse data from a number of vulnerability scanners, including (but not limited to) products from Qualys, Tenable Network Security, Tripwire, HP and IBM.
In addition to building a database of vulnerabilities from multiple sources, Insight can also read router and firewall configurations to determine potential 'attack paths' through the network. The combination of the two makes it possible for Insight to display a topographical map of the network, showing paths that attackers could take, and systems currently vulnerable to attack directly or via pivoting. Customers that also have access to Core Security's Impact Pro exploit tool can take things a step further by validating that the reported vulnerabilities are exploitable.
One of the key benefits of the Insight product is the ability to use its correlation and prioritization features to single out issues that are truly critical to that particular corporate environment and network topology, not just generically 'scored' as critical. Context is important, and Insight takes that into account. The company also boasts a short implementation time frame and ROI turnaround, backing up these claims with convincing customer testimonials.
This report also includes a look at our company’s history (did you know we were founded in Argentina?) and a SWOT analysis. Give it a read. We’d love to hear your thoughts!