VRS Solution Brief BH19 - Cybersecurity Risk Management


SOLUTION BRIEF

Vulnerability Risk Service

Copyright © 2019 BRINQA www.brinqa.com

Knowledge-driven vulnerability risk remediation

CYBER RISK GRAPH

Connects, models and analyzes all relevant security, context and threat data to deliver knowledge-driven insights for vulnerability prioritization, remediation and reporting.

Foundational Cybersecurity Control

Vulnerability management is on the list of top priorities for forward-thinking security organizations. The Council of Cyber Security emphasizes Vulnerability Assessment and Remediation as one of the top 5 controls that help organizations establish the foundation of security and have the most immediate impact on preventing attacks. Research indicates that for identified vulnerabilities, it typically takes organizations hundreds of days to remediate problems. These numbers indicate that despite a steady increase in the effectiveness of vulnerability assessment tools and in investments in this technology, the benefits have been difficult to realize.

Knowledge-driven, Automated Solution

To effectively protect against existing and emerging threats, security teams must understand and acknowledge the new and expanded scope of modern vulnerability management. Brinqa Vulnerability Risk Service focuses on critical risk functions to deliver true cybersecurity to organizations. The solution uses a risk-based approach to model program scope and context by mapping relevant assets, their dependencies and ownership. It identifies and communicates critical assets in the organization and their impact to business and consolidates vulnerability, threat and asset data from all relevant sources, resolving conflicts or redundancies, and representing data on a normalized scale.

For most organizations, vulnerability assessments result in findings that far exceed the security team’s bandwidth for addressing them. The data overload problem is severely compounded by the host of manual processes commonly employed during detection, validation, and remediation. To combat data overload most organizations employ some form of vulnerability prioritization, often based on static criteria like CVSS base score. Zero-day vulnerabilities expose how ill-fitting these methods are in the ever-changing threat landscape. With attackers frequently changing strategies and methods, security teams are hard-pressed to keep up. Failing to deliver tangible security benefits, vulnerability management programs often revert to a ‘check-box’ approach that meets compliance requirements but in turn exposes the organization to greater risk.

Brinqa Vulnerability Risk Service derives risk scores for vulnerabilities and assets by correlating with business context, threat intelligence and temporal factors. It prioritizes vulnerabilities for remediation based on impact to business, severity and relevance of compromise to deliver the highest risk-reduction and provides an easy and automated path to remediation. The solution delivers KPIs, KRIs and metrics that communicate key controls, applications, business assets, program status, and remediation statistics to all stakeholders and continuously identifies, integrates and represents changes - in classification, exploitability, impact and status - for closed loop remediation and monitoring.

[Figure: Vulnerability Risk Management Process]

[Figure: Vulnerabilities On The Rise. Source: National Vulnerability Database]


ABOUT BRINQA

Brinqa empowers customers to own their cyber risk with a unique, knowledge-driven approach to cybersecurity challenges. Brinqa Cyber Risk Graph - the knowledge graph for cybersecurity - connects all relevant security and business data, establishes a common risk language, and powers cybersecurity insights and outcomes. Brinqa Cyber Risk Services apply this knowledge to uniquely inform risk management strategies, standardize security data management and analysis, improve communication between teams, deliver actionable insights and automate risk remediation. With Brinqa, cybersecurity programs and processes will evolve with changing risk priorities, threat landscape and technology trends. Learn more at www.brinqa.com and follow us on Twitter and LinkedIn.


SOLUTION HIGHLIGHTS

Intelligently connect vulnerability, asset and threat intelligence from all sources for complete visibility of cyber risk.

Prioritize remediation to address the most exploited and prevalent vulnerabilities that have the biggest impact to your business.

Eliminate the noise of false positives with a view of all vulnerabilities relative to the magnitude of the threat.

Automate risk-aware, closed-loop remediation of vulnerabilities at scale through creation, tracking and escalation of tickets.

Narrow communication gaps across teams with a common model and language for prioritizing and remediating vulnerability risk.

Communicate real-time program metrics and risk indicators to all key stakeholders.

Asset Management

Accurate inventory of authorized and unauthorized devices is crucial to reducing the ability of attackers to identify and exploit vulnerabilities. Brinqa Vulnerability Risk Service provides easy integration with CMDB, HR, configuration management and active asset discovery to ensure a complete and up-to-date representation of the organization’s assets and hierarchy.

Vulnerability Enumeration

Brinqa Vulnerability Risk Service delivers complete vulnerability identification and enumeration by integrating with vulnerability assessment and monitoring technologies for every aspect of the enterprise IT environment - infrastructure, applications, cloud, containers, and configurations. The connectors support one-click and scheduled synchronization of data while providing administrators with a host of utility functions for reconciling redundancies, duplicates and conflicts.

Integrated Threat Intelligence

Brinqa Vulnerability Risk Service integrates a host of open source and commercial threat feeds into an organization's vulnerability management program - providing comprehensive visibility into known exploits, weaponization, zero-day popularity, pervasiveness and patch availability. This information is crucial to assessing the true impact, likelihood and cost of a vulnerability.

Risk Prioritization

Brinqa Vulnerability Risk Service combines all criteria behind asset criticality, network exposure, and vulnerability severity into an open, transparent, and adjustable risk calculation model. Customers can implement their unique risk perspectives in the prioritization process and focus on what matters most to them.

Risk Remediation

Rule-based automated remediation provides administrators with the ability to create intelligent tickets by grouping vulnerabilities based on inherent characteristics, asset properties, remediation options and ownership. Tickets are created automatically, reducing the remediation gap - the time between vulnerability discovery and remediation. Automated ticket creation improves the effectiveness, efficiency, and consistency of remediation efforts by dynamically enforcing ownership, escalation chains, and SLAs.

Risk Analytics & Communication

Brinqa Vulnerability Risk Service tracks key KRIs, KPIs and program metrics to monitor risk-reduction, remediation time and window of opportunity. The self-service analytics interface allows stakeholders to leverage a library of metrics and reports, or to define their own. The solution comes with a wide variety of technology and business hierarchy based reports targeted for a diverse audience ranging from C-level executives to technical staff.