Using Data Connectors for a Consolidated View of Risk in Cisco Vulnerability Management   


Protecting your organization against cyber threats is a top priority. It’s no secret that data breaches and security vulnerabilities can wreak havoc on businesses. The key to safeguarding your organization? Understanding your risk landscape and taking proactive measures to protect your assets.

In this blog post, we’ll dive into Cisco Vulnerability Management’s ability to ingest asset, vulnerability, and fix data from third-party security tools, providing you with a centralized view of risk for effective prioritization and remediation. We’ll also share details on our latest native connector with Rapid7 InsightVM.

Cisco Vulnerability Management: A Brief Overview  

Cisco Vulnerability Management is a risk-based vulnerability management SaaS solution that enables effective vulnerability prioritization through the transformative power of data science. It can ingest security data from a variety of third-party tools, including scanners, asset discovery tools, web application security tools, static and dynamic application security testing tools, bug bounties, and more. In doing so, Cisco Vulnerability Management ensures you have a consolidated, holistic view of security risk across your organization.

Using proven data science techniques like machine learning, natural language processing, and predictive modeling, Cisco Vulnerability Management assesses, prioritizes, and even predicts risk. These approaches allow us to dynamically calculate the risk of every vulnerability and group of assets to enable security and IT teams to prioritize the risk in their environments that matters most. Remediation guidance and workflow integrations with ticketing systems like Jira and ServiceNow then help teams efficiently carry out remediation efforts to ultimately reduce risk.

New Connectors for Cisco Vulnerability Management

Cisco Vulnerability Management offers a variety of native and toolkit connectors to bring security data into one place for effective risk-based vulnerability management.

Rapid7 InsightVM Connector for Cisco Vulnerability Management

Our latest native connector is with the Rapid7 cloud-based vulnerability management solution, InsightVM. Customers of both solutions can use this connector to ingest asset, vulnerability, and fix data from InsightVM into Cisco Vulnerability Management. Combining this ingested data with data from your other security tools in Cisco Vulnerability Management gives you a consolidated view of risk to implement effective prioritization and remediation. For guidance on setting up the InsightVM connector, see our help documentation. 

Cisco Vulnerability Management already has an established connector with Nexpose, Rapid7’s on-premises vulnerability scanner. For customers who are currently using the Nexpose connector, but are planning to migrate to the InsightVM connector, our team has documented migration steps.     

Benefits of Ingesting Security Data into Cisco Vulnerability Management

Gain a Centralized View of Risk

Cyber threats evolve rapidly, and your risk landscape changes accordingly. Consolidating your asset and vulnerability data from scanners, vulnerability management tools, asset discovery tools, SAST & DAST tools, bug bounties and pen-test findings into Cisco Vulnerability Management gives you a comprehensive view of your organization’s risk. Having a centralized view not only makes it easier to identify vulnerabilities but also helps you pinpoint the most critical ones. You can assess the potential impact on your organization and prioritize accordingly.

Adopt Effective Prioritization

Once you have all your data in one place, the next step is to prioritize vulnerabilities that pose the greatest risk to your organization. The Cisco Security Risk Score (formerly Kenna Risk Score) in Cisco Vulnerability Management is assigned to every CVE, CWE, and WASC in your environment.

Leveraging ground truth telemetry and an extensive amount of internal security data, the Cisco Security Risk Score ties into Cisco Vulnerability Management’s predictive model to algorithmically determine risk scores for each unique vulnerability, ranging from zero (no risk) to 100 (highest risk). And, in concert with asset criticality scores, Cisco Vulnerability Management determines an actionable risk score for each asset and group of assets that ranges from zero (no risk) to 1000 (highest risk).

The Cisco Security Risk Score takes into account all of the internal and external variables used in the predictive model that are high indicators of risk. Internal risk calculations factor in the number of instances of each vulnerability in your environment, their potential severity, and the criticality of the assets threatened by each vulnerability. External risk calculations factor in more than just the CVSS score of the vulnerability by also including EPSS, threat intelligence information such as whether or not an exploit kit is available for the vulnerability, the volume and velocity of exploits that take advantage of the vulnerability, and the prevalence of the vulnerability seen throughout customer environments. With accurate and quantifiable risk scores, you will understand your organizations’ current risk posture and identify the actions you can take to reduce the greatest amount of risk.

Improve the Remediation Process

Once you’ve identified the vulnerabilities that pose the greatest risk to your organization, you can work to remediate them. Cisco Vulnerability Management helps align security and IT teams by providing evidence-based prioritization and self-service remediation workflows. Teams can reduce risk fast with Top Fix Groups that guide you on which vulnerabilities should be fixed first and their impact on your risk score. And, of course, integrations with ticketing systems like Jira and ServiceNow help make the remediation process even more efficient by automating some of the tedious work.

Interested in Learning More about Connectors for Cisco Vulnerability Management?

Check out the Cisco Vulnerability Management Technology Integrations page to see a filterable list of available integrations to help you centralize your data and drive effective risk-based vulnerability management. You can also view our downloadable integrations brief for more details!


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!

Cisco Security Social Channels

Instagram
Facebook
Twitter
LinkedIn

Share:





Source link