When Jeff Heuer and I decided risk-based vulnerability management (RBVM) needed to be a thing a decade ago, we knew we were ushering in a more effective and efficient way for organizations to reduce risk. At the time, our primary aspiration was to create a solution that Security and IT executives could rely on to understand which vulnerabilities posed the greatest risk to their unique environment. The idea was that risk-based prioritization aligned everyone around the same goal, thus eliminating the squabbles that inevitably arose when Security showed up at IT’s door with thousands of “critical” vulnerabilities to patch.
This was new thinking back then. But as a former CISO myself and after watching vulnerabilities and exploits multiply at a ridiculous rate, Jeff and I understood that the future of vulnerability management would be risk-based, if only because it had to be.
Now, after years of evolving, innovating and proving our solution in some of the world’s most demanding customer environments, we’ve been gratified to see that the rest of the industry has caught on to the need to focus on risk. We saw vulnerability scanner providers manage to cobble together bolt-ons for prioritizing vulns based on risk. (Good for them, we said, as we welcomed the arrival of others to this market.) The industry was moving in the right direction, and that was good for everyone.
“Even the most demanding company can confidently move forward with Kenna.VM to align its business and security needs, making this an SC Labs Best Buy.”SC Magazine, May 1, 2020
Throughout all this, it has been particularly gratifying to see Kenna Security emerge as the leader in risk-based vulnerability management. This was again confirmed most recently by SC Magazine, whose perfect 5-star review of Kenna.VM, our core product, also named us a Best Buy.
“Kenna Security Kenna.VM offers undisputed, evidence-based, real-time threat intelligence and risk scoring focusing on active exploits.”
Understanding what poses a risk (and what doesn’t) to your particular environment is the key to efficient, effective prioritization. You need it to confidently predict which exploit events are likely to affect your environments. And it takes more than subscribing to a threat intel feed or two. Kenna employs a broad base of threat intelligence covering both volume and velocity of events, 7+ billion managed vulnerabilities, and extensive global attack telemetry to provide the most informed vulnerability prioritization available.
The word “undisputed” is critical here, too. When your remediation plan is based on evidence, suddenly the age-old dispute over what constitutes a priority vulnerability becomes a thing of the past. Everyone’s aligned around the same goal.
“The comprehensive proprietary data science that backs Kenna.VM efficiently aggregates and analyzes scan data to provide role-based visibility and guidance on personalized and usable remediation insights.”
SC Magazine’s editors saw what our customers see every day: That there’s nothing like personalized, data-driven guidance you can act on immediately. It clarifies for the remediation team what must be addressed now so the 2%-5% of high-risk vulns get patched before they’re exploited.
“The platform is also easy to navigate. Users can simply and intuitively pull information from dashboards and add it into reports, and they may choose from several predefined report templates.”
Any security exec who has tried to explain vulnerability management progress to other C-level colleagues or board members (let alone compliance officers and auditors) knows firsthand the challenge of reporting—and why anything that makes this process easier and more intuitive is invaluable. In addition to top-rated reporting, Kenna.VM users can rely on understandable metrics like Kenna Risk Meters that are assigned to various asset groups or functions, and that show the progress they’re making to reduce risk over time. “We really liked the dashboard risk meter,” wrote SC Magazine.
“Kenna.VM is a boundary-free, scalable, threat intelligence-based solution that can help align their business and security needs.”
We designed Kenna.VM to protect you across the entire software stack. Our extensive library of connectors to third-party scanners and other products, in addition to our API for custom integrations, ensures you won’t leave any corner of your IT environment untouched. And as a cloud-based solution, Kenna.VM scales along with you, so you can manage the right level of risk for your business no matter how large or complex it becomes. In fact, we’re protecting more than 13 million customer assets this very minute.
Why a Best Buy rating matters
Now more than ever, having independent industry observers award your solution with a Best Buy rating means everything. In this era of disruption and uncertainty, organizations are more careful with budgets than ever. They are (and should be) looking closely at every Security and IT investment, every annual subscription, to ensure their investments are working to reduce and manage risk to an acceptable level.
It follows, then, that a perfect five-star score and a Best Buy rating certainly should make choosing the next investment easier for managers tasked with reducing risk while also making the most of their budget.
We’re excited that SC Magazine has acknowledged the groundbreaking advantages of Kenna.VM. Now if you’ll excuse me, we’re busy working to make this Best Buy solution even better.
Interested in seeing what a perfect five-star score and a Best Buy RBVM solution looks like? Book a demo today
The post 5 Stars is Cool. Best Buy is Even Better. Here’s Why. appeared first on Kenna Security.