RiskSense platform addresses security and IT operations gaps
RiskSense released a new version of the RiskSense platform that closes the gap between security and IT that prevents vulnerabilities from being remediated in a timely fashion. New collaboration options include automated vulnerability updates and findings, support for workflows, and ease of communicating and validating IT remediation priorities for fighting cyber risk.
According to Gartner, “Successful realization of standard SOC capabilities is just not possible without certain inputs from the IT organization. A collaborative relationship between the SOC and IT teams such as help desk and network operations center (NOC) is instrumental, but it’s not enough. Depending on the scope of the SOC project, IT will need to either establish new or provide access to existing processes…”
Vulnerability management visibility and collaboration
To help SOC and NOC users prioritize activities based on remediation projects, regulatory compliance, or other business-specific security use cases, RiskSense has introduced the following two key enhancements that simplify the tracking and remediation of security vulnerabilities.
To manage threats from a 360 degree perspective, RiskSense enables users to tag vulnerabilities with views filtered by affected hosts, applications or databases. Users can create tags to facilitate remediation efforts using one or more of the following tag types: location, remediation, people, compliance, scanner, CMDB or the new “project” tag type.
The new project tag allows users to set a determined start and end date for projects and track it through its lifecycle from the tag view. For example, if a user wants to track remediation progress by location, they can choose the location type tag to create a project. These customizable views allow project owners to track both the status and progress of remediation efforts to meet regulatory compliance requirements for PCI, HIPAA, and more.
For tighter collaboration between SOC and NOC teams, RiskSense now offers bi-directional integration with two ServiceNow modules: Incident Request and Service Request. With these new integrations, the sharing and updating of incident or service ticket information is synchronized between the two systems. This enables organizations that use ServiceNow to manage their IT infrastructure to provide network, application and database support teams with vulnerability remediation activity details and status from the RiskSense platform or the ServiceNow interface. Conversely, SOC teams can monitor and maintain visibility into remediation actions and progress by their NOC counterparts in the RiskSense platform.
“Risk and vulnerability management is a collaborative effort between security operations and network operations teams that requires real-time information sharing to remediate high-priority threats before they can be exploited,” said Srinivas Mukkamala, CEO of RiskSense.
“We continue to enhance the RiskSense platform and its workflow capabilities to make it easier, faster and more automated for organizations to detect and fix security risks, even if their attack surface is growing faster than the resources they have to manage it.”
In addition to the ServiceNow functionality, this latest release of the RiskSense platform also features a new integration with Tanium Comply, as well as support for Retina’s new Extended Report format.