Kenna.VM Premier: Accelerate Vulnerability Management with Cisco Talos Intel and Remediation Analytics


New level unlocked. The next step for Kenna.VM users who are maturing their risk-based vulnerability management program is Kenna.VM Premier—and it’s live. 

The Cisco Kenna team is excited to release a new tier of the Kenna Security platform designed specifically for customers or prospects that have reached a point of maturity in which they can and want to do more with their vulnerability management program.

In addition to the existing Kenna features and functionality you know and love, the new Kenna.VM Premier tier includes:

  • In-depth and actionable remediation scoring (New!)  
  • Zero-day vulnerability intelligence, powered by Cisco Talos (New!) 
  • Access to Kenna’s vulnerability intelligence via an API or user interface (UI) 

We’re particularly excited about the new features that are debuting with this tier. So, let’s take a closer look at everything that’s included.

Remediation scoring 

On the Kenna.VM homepage, a new metric will appear at the top right corner (Figure 1). The Remediation Score, as this measurement is known, quantifies how well an organization is addressing risk overall.  

Figure 1: Remediation Score in Kenna.VM homepage

The Remediation Score itself encompasses four key measurements (Figure 3), which may sound familiar to you if you’ve been reading any of the Prioritization to Prediction reports produced by Kenna and the Cyentia Institute:  

    • Coverage: Of all vulnerabilities that should be remediated, what percentage was correctly identified for remediation?  
    • Efficiency: Of all vulnerabilities identified for remediation, what percentage should have been remediated? 
    • Capacity: What is the average proportion of open vulnerabilities that were closed in a given period? 
  • Velocity: What is the speed and progress of remediation?  
Figure 2: Remediation sub-scores in Kenna.VM homepage

These new remediation insights will allow organizations to shift away from relying on just the Risk Score itself as a measurement to assess the performance of remediation teams. While many organizations opt to use the Risk Score in this manner, there are inherent problems with evaluating performance based on the Risk Score—particularly for mature programs. A Risk Score can spike at any moment due to a suddenly high-risk vulnerability—a spike that isn’t a reflection on the remediation team themselves. And as organizations mature, they’re likely to reach a ‘steady state’ with their Risk Score, which makes it a difficult metric to use to measure progress.

Ultimately, these performance metrics will help customers better understand what areas of their remediation efforts are doing well and which might need to be adjusted. 

Zero-day vulnerability intel—brought to you by Cisco Talos 

Another new addition to the Kenna.VM platform is zero-day vulnerability intelligence powered by Cisco Talos. Talos regularly identifies high-priority security vulnerabilities in commonly used operating systems and software. The team works with vendors to disclose more than 200 vulnerabilities every year.  

This new integration with Talos gives Kenna.VM users access to information on zero-day vulnerabilities documented by the Talos research team (and likely to be in their environment). With the “Zero Days” filter in Kenna.VM, users can isolate zero-day vulnerabilities, investigate, and take action leveraging Snort rule IDs provided by Talos, when applicable (Figure 3).

Figure 3: “Zero Days” filter isolates all zero-day vulnerabilities in Kenna.VM Explore page

Vulnerability intelligence—your way 

The last (but certainly not least) piece of the Kenna.VM Premier puzzle is the inclusion of Kenna’s recently enhanced vulnerability intelligence User Interface and API. Kenna is known for its risk scoring, but what people may not realize is just how much data we consume and turn into finished, actionable intelligence. There are more than 18+ threat and exploit intelligence feeds that power our understanding of vulnerabilities, and our vulnerability intel API and UI make of this information available to customers. 

The UI provides a dashboard to research any CVE—regardless of whether or not a scanner found that vulnerability in the customer’s environment. Meanwhile, the API allows customers to query Kenna and export as much of our vulnerability intelligence on as many vulnerabilities as they wish, and use that data to enrich any existing IT, dev or security workflows, including Cisco’s very own SecureX. The data in this set includes descriptions, publication dates, CVSS data, available exploits and fixes, insight into remote exploitable vulnerabilities, and much more. Also provided is the Kenna Risk Score for each vulnerability and an indication of whether it is predicted to be exploitable—unique data points derived by Kenna’s data science.

Figure 4: Kenna’s vulnerability intel dashboard lets you research any CVE to see its risk score and other characteristics

This intelligence, combined with our new remediation scoring and Talos zero-day intelligence, rounds out the Kenna.VM Premier tier as the ideal package for any customer or prospect who is looking to take their vulnerability management program to the next stage of maturity.

Kenna.VM Premier is available today. If you’re interested in learning more, contact your sales representatives or send us a demo request to unlock the next level of your vulnerability management journey.


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn

Share:





Source link