Original Research on Cisco Vulnerability Management

Kenna Security Customer Research

Please select the answer below that best describes your current engagement model between the Security and IT team:

Security investigates and prioritizes vulnerabilities; IT remediates	40%
Security investigates; Security and IT work together to prioritize; IT remediates	20%
Security and IT work together to investigate and prioritize	18%
Security investigates; IT prioritizes and remediates	10%
IT investigates, prioritizes and remediates; Security handles reporting	9%

Kenna Security Case Study

Global 500 Food Company

Introduction

This case study of a Global 500 food company is based on an October 2019 survey of Kenna Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Reporting was a big business problem as server teams needed a central way to organize and prioritize their patching. Kenna solved that for us and integrated well with our vuln scanners.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna Security:

Vulnerability management challenges they experienced that led them to implement the Kenna Security Platform:
- Too many vulnerabilities with no way to effectively prioritize
- No way to quantify or measure risk from vulnerabilities

Use Case

Approach used to prioritize vulnerabilities prior to Kenna:
- Use rating system from scanner

How they evaluate the success of their Kenna Security platform implementation:
- Reduction in Mean Time To Remediate (MTTR)
Kenna’s primary advantage(s) over other vulnerability management platforms:
- Kenna goes beyond basic risk scoring and tells them what they need to fix first
- Kenna provides meaningful and actionable data for remediation (remediation intelligence)
- Kenna provides awareness of how much risk is in their environment
- Kenna is updated continuously with real-time information

Results

The surveyed company achieved the following results with Kenna Security:

Reduction of time spent on the following activities, since using Kenna:
- Time spent on Vulnerability Investigation: over 50%
- Time spent on remediation: over 50%
- Time spent on reporting: over 75%

About Kenna.VM

Cisco Vulnerability Management (formerly Kenna.VM) offers an effective, efficient way to reduce your risk profile using risk-based prioritization powered by data science. Rely on it to ID the vulnerabilities that put you at the greatest risk, create a self-service environment for remediation teams, set intelligent SLAs based on your risk tolerance, compare your risk posture against industry peers, deliver clear reports with intuitive metrics, and more.

Learn More:

Cisco Vulnerability Management

Kenna Security Customer Testimonial

Kenna has enabled the organisation to effectively target vulnerability remediation by focusing on what is important. It has been pivotal in enabling us to obtain ISO27001 certification.

— Senior Cyber Consultant, Large Enterprise Telecommunications Equipment Company

Kenna Security Customer Research

Before Kenna vs. After Kenna: Have you seen a reduction in time spent on the following activities? (Security and IT team time combined)

	Over 75%	Over 50%	Over 25%	Over 10%	0%
Time spent on Vulnerability Investigation	16%	39%	19%	19%	7%
Time spent on remediation	12%	32%	24%	15%	17%
Time spent on reporting	27%	25%	25%	13%	10%

Kenna Security Case Study

Large Enterprise Telecommunications Equipment Company

Introduction

This case study of a large enterprise telecommunications equipment company is based on a December 2018 survey of Kenna Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Kenna has enabled the organization to effectively target vulnerability remediation by focusing on what is important. It has been pivotal in enabling us to obtain ISO27001 certification. In terms of helping to assess vulnerabilities and target remediation, there is no other tool like Kenna.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna Security:

Security challenges experienced that led to implementing the Kenna Security Platform:
- Too many vulnerabilities with no way to effectively prioritize
- High volume of security data lacking context for decision making
- No way to quantify or measure risk from vulnerabilities
- Inefficiencies in vulnerability remediation
Previously used the following to prioritize vulnerability scan data:
- Spreadsheets

Use Case

The key features and functionalities of Kenna Security that the surveyed company uses:

Has been actively using the Kenna Security Platform for 9-12 months.
Kenna Security Platform features most important to them when evaluating competitive or alternative solutions:
- Integrated real-time global exploit intelligence
- Data science-based risk scoring methodology
- “Off the shelf” integrations with a wide range of security data sources

Results

The surveyed company achieved the following results with Kenna Security:

Most important security challenges the Kenna Security Platform has helped solve:
- Addressing vulnerabilities that pose the greatest risk to their environment
- Increased efficiency of vulnerability remediation
- Transforming security data into actionable intelligence
- Finding a quantifiable way to measure, reduce and report on risk
Reduced their risk posture score by 50% since implementing the Kenna Security Platform.
Most important factors that contributed to the success of their Kenna Security implementation:
- The Kenna Customer Success team (CSM, CSE)
- The Kenna support team

About Cisco Vulnerability Management

Kenna is a software-as-a-service Risk and Vulnerability Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna automates the correlation of vulnerability data, threat data, and 0-day data, analyzing security vulnerabilities against active Internet breaches so that InfoSec teams can prioritize remediations and report on their overall risk posture.

Learn More:

Cisco Vulnerability Management

Kenna.VM Customer Testimonial

The organization of the vulnerability data in Kenna allows the IT staff to attack remediation of vulnerable assets. This wasn’t happening before.

— IT Manager, Educational Institution

TechValidate Research on Cisco Vulnerability Management

These pages present data that TechValidate has sourced via direct research with verified customers and users of Cisco Vulnerability Management. TechValidate stands behind the authenticity of all published data. Learn more »

About TechValidate Research

Selected Research Highlights

Global 500 Food Company

Introduction

Challenges

Use Case

Results

Company Profile

About Kenna.VM

Large Enterprise Telecommunications Equipment Company

Introduction

Challenges

Use Case

Results

Company Profile

About Cisco Vulnerability Management

More to Explore

About Cisco Vulnerability Management