Modern vulnerability management, based on the level of risk.
Vulnerabilities are generally too numerous to be dealt with quickly and efficiently. Moreover, these vulnerabilities do not have the same degree of criticality and must therefore be treated in a precise order. With the Kenna Security solution (part of Cisco), adopt a modern risk-based vulnerability management approach.
Kenna Security prioritises your vulnerabilities according to their risk level. You can then prioritise the vulnerabilities that are identified as the most critical, and therefore more likely to be exploited.
What is Kenna?
No one wants their organisation to suffer the next data breach because a vulnerability wasn't patched... Kenna Security is a scalable, cloud-based solution that accurately prioritises risk using threat intelligence and data science technologies. It enables security and IT operations teams to take a modern risk-based approach to vulnerability management, proactively prioritising and managing the most important vulnerabilities.
Accurately measure your organisation's risk level
Get an accurate and informed risk assessment by combining your vulnerability data, asset information and real-time threat intelligence. The solution gives you the flexibility to take into account the criticality of the assets you define, real-time threat intelligence, previously managed vulnerabilities and remediation information.
Prioritise high-risk vulnerabilities
Not all vulnerabilities are created equal, and many pose little or no risk. Kenna automatically prioritises vulnerabilities that pose the greatest risk to the organisation, so your teams can focus on fixing them.
Predict future exploitable vulnerabilities
With Kenna's predictive modelling technology, you can, for the first time, accurately predict which vulnerabilities will become exploitable flaws the day they are discovered. This technology gives you better vulnerability coverage for less effort than the Common Vulnerability Scoring System (CVSS).
Align your security efforts with business objectives
The quantified risk assessment improves collaboration between departments by giving them a common language. It helps security and IT communicate clearly and succinctly with management to make objective investment decisions. In addition, cross-departmental information dissemination is automated, so that security and IT teams share the same information about vulnerabilities and how to fix them.
Leverage existing investments
Kenna easily integrates with your existing vulnerability scanners, ticketing tools and other security infrastructure components to increase efficiency. The solution is completely data agnostic, allowing you to leverage the volumetric data you already have through existing investments.
Kenna predictive model vs. CVSS
- Twice the efficiency
- Kenna predicts 61% of future risks, versus 31% for the CVSS model
- Three times less false positives
- Kenna detects 7K false positives, compared to 25K for the CVSS model
- Better coverage of risks
- Kenna covers 62% of risks, compared to 52% for the CVSS model
CVE (Common Vulnerabilities or Exposures) refers to a list of publicly disclosed cybersecurity vulnerabilities organised by ID numbers with descriptions and release dates. Many organisations prioritise CVEs using CVSS (Common Vulnerability Scoring System), a basic scoring framework that rates each CVE based on perceived severity. Understanding the difference between these terms is helpful in understanding how they relate to effective vulnerability management.
Professional servicesReady to talk?
Our professional services team is at your disposal. This can be the first step of a great partnership.
NIS2 advice to CISOs
As a CISO, it is important to understand the requirements of the NIS2 directive and ensure that your company is compliant in a timely manner.
Nomios Group expands in Southern Europe with leading Italian cybersecurity expert Aditinet
The acquisition of Aditinet strengthens Nomios’ European position as one of the leading cybersecurity service companies.
Automation now: Why the silicon shortage is an opportunity, not a crisis
While it’s easy to view the silicon chip shortage as a massive headache, long production waiting times could actually be a significant opportunity for your business to innovate.