Achieving 95% Asset Coverage and Real-Time Vulnerability Management

Our client was struggling with a lack of security resources, a fragmented scanning and remediation strategy, and inefficient reporting and compliance processes. Their staff was overwhelmed and had lost faith in the process, tools, and the asset owners who failed to remediate identified vulnerabilities.

In addition, the organization faced severe operational hurdles:

• Low Asset Coverage: The team scanned less than 50% of the assets each quarter and could only scan 30,000 IP addresses monthly, leaving many assets with critical vulnerabilities.
  
  
• Process Inefficiency: The team contended with a high false positive rate due to poor scanner configuration and had to manage a large and growing scan exclusion and exception list.
  
  
• Manual Reporting: The team relied on time-consuming manual preparation of reports and had to conduct ad-hoc scans to plug security gaps between quarterly scans.

However, finding a cost-effective solution by either leveraging local expertise or traditional managed services was not a viable option due to the organization’s need for diverse security expertise, internal control and visibility to the program, and partner flexibility.

They needed a security partner that could adapt to their unique needs.

The real value was improving the organization’s overall security maturity by having a partner with the specialized experts to implement a best-in-class vulnerability management program.

The client immediately recognized the value of the collaborative model, as noted by their Senior VP of Information Security:

"[SecureOps] have provided a wide range of specialized security services to complement my internal organization. The combination has allowed us to achieve superior service levels very cost effectively. Operating as a 'near shore' solution provider from Canada allows the benefit of same time zone responsiveness at a very favorable price point compared to other managed and professional services alternatives."

SecureOps enhanced our client’s vulnerability management program with measurable results, including:

• The high number of resources committed to running basic operations have evolved or been replaced to now perform higher value functions, such as helping asset owners with remediation, supporting Threat and Incident Response teams, and performing additional automation and the optimization of processes.
  
  
• Elimination of on-demand, costly, and inefficient scans in favor of strategic, scheduled scans. The percentage of assets scanned has risen from 50% to 95% through more than 40 scheduled scan types, providing more information about system vulnerabilities sooner.
  
  
• The backlog of scans, patching and remediation was eliminated; vulnerability management is now conducted in near real-time.
  
  
• Highly critical assets are scanned by priority on a daily or weekly basis rather than quarterly.
  
  
• Scoping and reporting are integrated with ITSM and CMDB dashboards, showing a much clearer picture of the vulnerability landscape across the organization.
  
  
• Total number of IP scan/rescan monthly increased to 1.5 M.

By partnering with SecureOps, the wireless communication provider overcame severe resource constraints and low scanning coverage to implement a comprehensive, risk-based strategy. The resulting elimination of the remediation backlog and the increase in monthly IP scans to over 1.5 million dramatically reduced the client's exposure to attacks, allowing internal staff to shift focus from basic operations to higher-value security functions.