Securaa is a Comprehensive No Code Security Automation Platform that blends intelligence, risk-based asset management, vulnerability insights, automation and incident response into a single platform enabling SOC’s to reduce cybersecurity response time significantly and increase throughput manifolds.


LinkedIn

Vulnerability Management

Vulnerability Cover Image

Scenario

Managing assets and their vulnerabilities is a big challenge and requires strategically and logically aligned processes to cover the inventories (assets) and the vulnerabilities present in them. Securaa orchestrates the process of discovering assets for the agent based tools. It helps identifying where agents are deployed and where are they missing enabling an analyst to identify the mandatory controls missing in the environment. Securaa helps in assessing that the mandatory tools are deployed on all the hosts and that each asset related vulnerability is identified. The asset inventory is created by pulling data from both on cloud and on prem devices.
Vulnerability Mini-Flowchart

Data Enrichment

  • Securaa collects asset data from multiple asset sources
  • Securaa then Correlates asset data to find unique assets
  • Securaa also Collects Vulnerability data from VA scanners
  • Securaa also queries the vulnerability management tool for any diagnoses, consequences, and remediation tied to the vulnerability
  • Configuration and resource state data is also collected for cloud assets
  • Securaa ‘s analytical engine maps all the asset data with vulnerability, exploit and vulnerability intelligence data like common vulnerabilities and exposures (CVE) data
  • Vulnerability and exploit intelligence data is also pulled from open source and commercial vulnerability intelligence sources
  • Business context (Application, process, business unit etc.) is applied to each asset
  • The platform also finds missing controls from assets. Ex- lack of EPP on cloud platforms if the asset data from both the sources doesn’t correlate across multiple parameters
assets_by_count

How is the Data Used

  • All incoming incidents are enriched with both asset and vulnerability intelligence
  • The asset data shows last scan results from VA scanners
  • This data is also used for calculating incident risk score apart from the indicator intelligence data
  • The filtered data about critical assets with high severity vulnerabilities and open incidents is sent to the dashboard for analyst review
  • Analyst can create playbooks to automate tasks for remediation of high-priority vulnerabilities.