Transcription
DATA SHEET:Managed Vulnerability ServiceComprehensive vulnerability management. Rapid risk Identify assetvulnerabilities withprecision across traditionaland dynamic IT assets forcontinuous visibility intoyour expandingbusiness environment.ACTIVE RISKPRIORITIZATIONAND LIFECYCLETRACKINGDEDICATEDEXPERTISE DRIVINGCONTINUOUSOPTIMIZATIONCO-MANAGEDFLEXIBILITY WITHCUSTOMIZEDREPORTINGFocus on vulnerabilitiesthat present the greatestpotential risk with expertguidance to facilitateremediation prioritizationagainst dangerous exploits.Alleviate resourceconstraints with dedicatedexperts that provideend-to-end managementand platform refinementfor greater operationalefficiency.Realize the benefits of avulnerability managementplatform without thecomplexity, complete with fullsystem access and flexibilityto run your own customizedscans and reporting.THE PROBLEMUnpatchedVulnerabilitiesof organizations that were breached in the past two yearssay the root cause was an unpatched known vulnerability 1OverwhelmingInfrastructureof security teams say softwarevulnerability volume is overwhelming 2AttackersCapitalize FasterThan Ever13decrease in the time window from vulnerability discoveryto attack over the last two years 3Ponemon Institute, “Today’s State of Vulnerability Response: Patch Work Demands Attention”, 2Tenable/Enterprise strategy group, 2018Ponemon Institute, “Today’s State of Vulnerability Response: Patch Work Demands Attention”
THE SOLUTIONManaged Vulnerability Service identifies vulnerabilities with precision across traditional and dynamic IT assets such asmobile devices, OT, IoT, virtual machines and cloud for full visibility across your business environment. Integrated eSentireexperts are an extension of your team, providing analysis and guidance that facilitates accuracy of asset classification andlifecycle tracking with prioritization of risk contextual to your business objectives. Delivered as a flexible co-managed model,Managed Vulnerability Service alleviates the managerial burden for your team and provides continuous platform refinementand progress measurement. Your team receives full system access to run customized scans and reports for greater operationalefficiency and satisfaction of regulatory requirements.WHAT DOES MANAGED VULNERABILITY SERVICE SOLVE FOR?Continuous identification and tracking ofnew and existing assetsFlexibility and timely scanning completionScan accuracy and contextual risk prioritizationComprehensive tracking of vulnerability lifecycleTime and effort to analyze and prioritize remediationResource expenditures investigating false positivesVulnerability closure verificationReducing time frame from vulnerabilitydiscovery to remediationHuman resources dedicated to vulnerability managementContinuous optimization and tuningof vulnerability scanning platformIncreasing regulatory and reporting requirements(PCI, GDPR, SEC, FINRA, HIPAA, etc.)HOW IT nagementLifecycleRemediateAssessReportDATA SHEET: MANAGED VULNERABILITY SERVICE2
Discover M anaged Vulnerability Service team schedules andexecutes regular scans of internal and external IT assets Monthly scans of internal assets Weekly scans for external assets Co-managed model gives you access to ad-hoc scanning and reporting Managed Vulnerability Service team alerts with newly discovered critical vulnerabilitiesPrioritize and assess Managed Vulnerability Service team works with your team to continuously redefine your unique risk profile Assets are grouped, categorized and tracked for quicker analysis and visualization Managed Vulnerability Service team analyzes and prioritizes vulnerabilities that present the greatest riskReport Managed Vulnerability Service team prepares and delivers a customized report bundle Executive summaries for non-technical audiences Detailed summary for technical audiences Pre-configured and customizable dashboards availableRemediate and verify Managed Vulnerability Service team monitors scans for errors and accuracy Managed Vulnerability Service team provides guidance and recommendations during remediation process Ad-hoc scanning to verify vulnerabilities have been remediated effectivelyNetwork-based scanningAgent-based scanningManaged Vulnerability ServiceManaged Vulnerability ServiceOn-premises assetsCloud assetsAgentDATA SHEET: MANAGED VULNERABILITY SERVICEAgentAgent3
FEATURESComprehensive VisibilityExecutive and Technical ReportingIndustry-leading IT asset coverage with scanningCustom executive and detailed summary reportingavailable for more than 109,000 vulnerabilities.available for technical and non-technical audiences.Flexible Scanning ToolsRegulatory Requirement ReportingCollect the data you need to increase visibilityPre-built compliance reporting and dashboardsand decrease risk from vulnerabilities via networkfor multiple security frameworks includingscanners and agents.PCI, NIST, ISO and CIS.Dynamic Asset TrackingCo-managed FlexibilityGroup and classify assets in a single pane of glassFull system access and flexibility to run your ownwith attributes beyond IP addresses to more accuratelycustomized scans and reporting alongside eSentire’sidentify and prioritize new and existing vulnerabilities.dedicated Managed Vulnerability Service experts.Business Contextual Risk PrioritizationWeb Application Scanning (Add-On)eSentire dedicated Managed Vulnerability ServiceSafely and accurately scan your web applicationexperts provide risk prioritization and guidanceportfolio without the worry of performancespecific to your unique business context.latency or disrupting your development team.Continuous Optimization and Focused GuidancePCI Approved Scanning Vendor Solution (Add-On)eSentire dedicated Managed Vulnerability ServiceStreamline and comply with quarterly scanningexperts become a genuine extension of your teamrequirements required by PCI 11.2.2.providing end-to-end management that optimizesthe vulnerability management lifecycle includingremediation guidance, verification, scan qualityassurance and weekly communication on newlydiscovered vulnerabilities.DATA SHEET: MANAGED VULNERABILITY SERVICE4
MAKE THE CASE FOR MANAGED VULNERABILITY SERVICEDIY vs. Typical Provider vs. Managed Vulnerability ServiceeSentire’s Managed Vulnerability Service service is single tier, all-inclusive and completely transparent.Typically, vulnerability management service offerings from legacy service providers have multiple tiers of service levelswith hidden costs and confusing service level agreements.Recruiting, retaining and dedicating knowledgeableIT security staff to manage and analyze scansDIYTypical ServiceProvidereSentireRequiredNot RequiredNot RequiredComprehensive pre-built and customized reporting forvarious audiences (executive, technical, regulatory)Sourcing, set-up, platform maintenanceAd hoc scanningExtra CostOngoing vulnerability prioritization contextual to evolving business risk profileExtra CostScan accuracy verification and continuous optimizationaccounting for changing IT environmentExtra CostOngoing threat intelligence communications on emerging vulnerabilitiesExtra CostBENEFITSIdentifies vulnerabilities across dynamic andexpanding IT assetsMinimizes the vulnerability discoveryto remediation timeframeImproves scanning consistency and timelinessTracks and measures programmatic improvementsTracks and measures the vulnerability lifecycleReduces operational, staffing and resource constraintsPrioritizes remediation against greatestpotential business riskSatisfies regulatory requirementsVerifies remediation and quality assuranceeSentire, Inc., founded in 2001, is the category creator and world’s largest Managed Detection and Response (MDR) company, safeguardingbusinesses of all sizes with the industry-defining, cloud-native Atlas platform that removes blind spots and enables 24x7 threat hunters to containattacks and stop breaches within minutes. Its threat-driven, customer-focused culture makes the difference in eSentire’s ability to attract the besttalent across cybersecurity, artificial intelligence and cloud-native skill sets. Its highly skilled teams work together toward a common goal to deliverthe best customer experience and security efficacy in the industry. For more information, visit www.esentire.com and follow @eSentire.
eSentire dedicated Managed Vulnerability Service . experts become a genuine extension of your team . providing end-to-end management that optimizes the vulnerability management lifecycle including remediation guidance, verification, scan quality assurance and
