Original Research on Cisco Vulnerability Management

Kenna Security Customer Testimonial

Kenna allowed us to break down our Vulnerability management practices to include basic Infrastructure and Application mitigation practices, decreasing our MTTR overall, as well as identify risks using a more intelligent decision making process.

— Cybersecurity Senior Associate, Medium Enterprise Wholesale Distribution Company

Kenna Security Customer Testimonial

The Kenna platform gives us great visibility into our existing vulnerabilities and makes it easy to search for specific vulnerabilities or report on a single system or group of systems. This was significantly easier than searching through massive PDF scan reports for the info we needed.

— Head of Information Security, Medium Enterprise Pharmaceuticals Company

Kenna Security Case Study

S&P 500 Health Care Company

Introduction

This case study of a S&P 500 health care company is based on an October 2019 survey of Kenna Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“We’ve shifted to spending more time on really critical issues, and getting faster remediations for those. That is huge value add!”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna Security:

Vulnerability management challenges they experienced that led them to implement the Kenna Security Platform:
- Too many vulnerabilities with no way to effectively prioritize

Use Case

The key features and functionalities of Kenna Security that the surveyed company uses:

Approaches used to prioritize vulnerabilities prior to Kenna:
- CVSS 7+

How they evaluate the success of their Kenna Security platform implementation:
- Kenna risk score reduction
Kenna’s primary advantage(s) over other vulnerability management platforms:
- Kenna goes beyond basic risk scoring and tells them what they need to fix first

Results

The surveyed company achieved the following results with Kenna Security:

Reduction of time spent on the following activities, since using Kenna:
- Time spent on Vulnerability Investigation: over 50%
- Time spent on remediation: over 10%
- Time spent on reporting: over 25%

About Kenna.VM

Cisco Vulnerability Management (formerly Kenna.VM) offers an effective, efficient way to reduce your risk profile using risk-based prioritization powered by data science. Rely on it to ID the vulnerabilities that put you at the greatest risk, create a self-service environment for remediation teams, set intelligent SLAs based on your risk tolerance, compare your risk posture against industry peers, deliver clear reports with intuitive metrics, and more.

Learn More:

Cisco Vulnerability Management

Kenna Security Customer Research

Before Kenna vs. After Kenna: Have you seen a reduction in time spent on the following activities? (Security and IT team time combined)

	Over 75%	Over 50%	Over 25%	Over 10%	0%
Time spent on Vulnerability Investigation	16%	39%	19%	19%	7%
Time spent on remediation	12%	32%	24%	15%	17%
Time spent on reporting	27%	25%	25%	13%	10%

Kenna Security Case Study

Large Enterprise Telecommunications Equipment Company

Introduction

This case study of a large enterprise telecommunications equipment company is based on a December 2018 survey of Kenna Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Kenna has enabled the organization to effectively target vulnerability remediation by focusing on what is important. It has been pivotal in enabling us to obtain ISO27001 certification. In terms of helping to assess vulnerabilities and target remediation, there is no other tool like Kenna.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna Security:

Security challenges experienced that led to implementing the Kenna Security Platform:
- Too many vulnerabilities with no way to effectively prioritize
- High volume of security data lacking context for decision making
- No way to quantify or measure risk from vulnerabilities
- Inefficiencies in vulnerability remediation
Previously used the following to prioritize vulnerability scan data:
- Spreadsheets

Use Case

The key features and functionalities of Kenna Security that the surveyed company uses:

Has been actively using the Kenna Security Platform for 9-12 months.
Kenna Security Platform features most important to them when evaluating competitive or alternative solutions:
- Integrated real-time global exploit intelligence
- Data science-based risk scoring methodology
- “Off the shelf” integrations with a wide range of security data sources

Results

The surveyed company achieved the following results with Kenna Security:

Most important security challenges the Kenna Security Platform has helped solve:
- Addressing vulnerabilities that pose the greatest risk to their environment
- Increased efficiency of vulnerability remediation
- Transforming security data into actionable intelligence
- Finding a quantifiable way to measure, reduce and report on risk
Reduced their risk posture score by 50% since implementing the Kenna Security Platform.
Most important factors that contributed to the success of their Kenna Security implementation:
- The Kenna Customer Success team (CSM, CSE)
- The Kenna support team

About Cisco Vulnerability Management

Kenna is a software-as-a-service Risk and Vulnerability Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna automates the correlation of vulnerability data, threat data, and 0-day data, analyzing security vulnerabilities against active Internet breaches so that InfoSec teams can prioritize remediations and report on their overall risk posture.

Learn More:

Cisco Vulnerability Management

Kenna Security Customer Research

What vulnerability management challenges were you experiencing that led you to implement the Kenna Security Platform?

Too many vulnerabilities with no way to effectively prioritize	69%
High volume of security data lacking context for decision making	44%
No way to quantify or measure risk from vulnerabilities	49%
Inefficiencies in vulnerability remediation	47%

TechValidate Research on Cisco Vulnerability Management

These pages present data that TechValidate has sourced via direct research with verified customers and users of Cisco Vulnerability Management. TechValidate stands behind the authenticity of all published data. Learn more »

About TechValidate Research

Selected Research Highlights

S&P 500 Health Care Company

Introduction

Challenges

Use Case

Results

Company Profile

About Kenna.VM

Large Enterprise Telecommunications Equipment Company

Introduction

Challenges

Use Case

Results

Company Profile

About Cisco Vulnerability Management

More to Explore

About Cisco Vulnerability Management