Cisco Vulnerability Management Global 500 Insurance Company

TechValidate Customer Research Library / Cisco Vulnerability Management / Case Studies /

Kenna.VM Case Study

Global 500 Insurance Company

Introduction

This case study of a Global 500 insurance company is based on an October 2021 survey of Kenna.VM customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“We are at the beginning of our Kenna journey. It was the superior product. "

“Kenna does a tremendous job in prioritizing risk and providing direction for the patching teams to remediate.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna.VM:

The vulnerability management challenges they were experiencing that led them to implement the Kenna.VM:
- Too many vulnerabilities with no way to effectively prioritize
- Not having a way to quantify or measure risk from vulnerabilities
- Inefficiencies in vulnerability remediation

Use Case

The key features and functionalities of Kenna.VM that the surveyed company uses:

The approach they used to prioritize vulnerabilities prior to Kenna:
- CVSS 9+
They best describe their current engagement model between the Security and IT team as Security investigates; IT prioritizes and remediates.
The criteria they use to evaluate the success of your Kenna.VM implementation:
- Kenna risk score reduction
- SLA adherence

Results

The surveyed company achieved the following results with Kenna.VM:

Before Kenna vs. After Kenna: Have you seen a reduction in time spent on the following activities? (Security and IT team time combined)
- time spent on Vulnerability Investigation: 10 – 25%
- time spent on remediation: 50 – 75%
- time spent on reporting: 50 – 75%
Kenna’s primary advantage(s) over other vulnerability management platforms:
- Kenna goes beyond basic risk scoring and tells me what I need to fix first
- Kenna provides meaningful and actionable data for remediation (remediation intelligence)
- Kenna provides awareness of how much risk is in our environment
- Kenna is updated continuously with real-time information
- Kenna aggregates data and reporting from multiple tools (vuln scanners, CMDB, discovery)
- Kenna includes multiple threat intel feeds (eliminating the need for subscription)
Rates the following for Kenna.VM compared to other vulnerability management solutions:
- remediation Intelligence (guidance on “what to fix first”): highly superior
- integrated real-time global exploit intelligence: superior
- data science-based risk scoring methodology: superior
- “Off the shelf” integrations with a wide range of security data sources: superior
- predictive vulnerability modeling: superior

About Kenna.VM

Cisco Vulnerability Management (formerly Kenna.VM) offers an effective, efficient way to reduce your risk profile using risk-based prioritization powered by data science. Rely on it to ID the vulnerabilities that put you at the greatest risk, create a self-service environment for remediation teams, set intelligent SLAs based on your risk tolerance, compare your risk posture against industry peers, deliver clear reports with intuitive metrics, and more.

Learn More:

Cisco Vulnerability Management

TechValidate Research on Cisco Vulnerability Management