Streamlining Vulnerability Management for a Technology Firm

  • Industry: Technology
Improve tracking of remediation progress and SLA compliance for effective vulnerability management.

Engagement Details

  • Project Name: Vulnerability Assessment and Vulnerability Management (VA-VM) Optimization
  • Environment: 10,000+ endpoints across on-premise and cloud

Business Need

  • Improve tracking of remediation progress and SLA compliance for effective vulnerability management.
  • Address reporting inconsistencies, inventory inaccuracies, and scan scheduling conflicts.
  • Enhance the management of open and closed findings across multiple clients and assets.

Challenges

  • Difficulty in tracking remediation efforts and meeting SLA compliance.
  • Variability in reporting and conflicts in scan scheduling reduced efficiency.
  • Managing a vast inventory of assets, including open/closed findings, was complex and time-consuming.

Solutions

  • Governance Calls: Conducted bi-weekly calls to monitor and ensure remediation progress.
  • Asset Prioritization: Focused on critical assets, including PCI systems and IDMZ servers, to address high-risk vulnerabilities first.
  • Automated Reporting: Developed scripts for generating customized, client-specific reports to ensure clarity and consistency.
  • Dashboards: Utilized Splunk and Rapid7 to create real-time dashboards for effective vulnerability tracking.
  • Controlled Scanning: Implemented a Change Request (CRQ) process to schedule scans without conflicts or disruptions.

Results

  • Enhanced security posture with a 54% reduction in attack surfaces.
  • Strengthened defences against unauthorized access and cyber threats.
  • Secured data in transit with robust encryption standards.
  • Demonstrated a commitment to protecting customer data and reducing risks effectively.

Key Takeaways

This project highlights Softenger’s proficiency in managing complex vulnerability assessment and management (VA-VM) programs. By implementing robust governance, prioritization, and automation strategies, Softenger enabled the client to achieve greater efficiency, compliance, and security across a large and diverse endpoint environment.

Scroll to Top