Cisco Vulnerability Management Chipotle Mexican Grill, Inc.

TechValidate Customer Research Library / Cisco Vulnerability Management / Case Studies /

Kenna Case Study

Chipotle Mexican Grill, Inc.

Introduction

This case study of Chipotle Mexican Grill, Inc. is based on a February 2023 survey of Kenna customers by TechValidate, a 3rd-party research service.

“The ability to collect and report on vulnerabilities from multiple tools saves time for reporting true risk per organization with a non-biased view. It’s also very easy to utilize the data provided when providing risk assessments to the Executive team.”

“Our Customer Success Manager has been a wonderful contact for my team and me. He’s very receptive to our needs and is always quick to respond to all inquiries. He has a strong knowledge of the product and has helped with providing knowledge on the best way to pull the data we need out of the tool. He’s a great representative of the company.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna:

The vulnerability management challenges they were experiencing that led them to implement the Kenna.VM:
- Too many vulnerabilities with no way to effectively prioritize
- High volume of security data lacking context for decision making

Use Case

The key features and functionalities of Kenna that the surveyed company uses:

The approach they used to prioritize vulnerabilities prior to Kenna:
- A homegrown prioritization tool
They best describe their current engagement model between the Security and IT team as Security investigates and prioritizes vulnerabilities; IT remediates.
The criteria they use to evaluate the success of your Kenna.VM implementation:
- Kenna risk score reduction
- Quality and presentation of data

Results

The surveyed company achieved the following results with Kenna:

Before Kenna vs. After Kenna: Have you seen a reduction in time spent on the following activities? (Security and IT team time combined)
- time spent on Vulnerability Investigation: 25 – 50%
- time spent on remediation: 10 – 25%
- time spent on reporting: 50 – 75%
Kenna’s primary advantage(s) over other vulnerability management platforms:
- Kenna goes beyond basic risk scoring and tells me what I need to fix first
- Kenna provides meaningful and actionable data for remediation (remediation intelligence)
- Kenna aggregates data and reporting from multiple tools (vuln scanners, CMDB, discovery)
- Easy to read and interpret the data on the dashboard
Rates the following for Kenna.VM compared to other vulnerability management solutions:
- remediation Intelligence (guidance on “what to fix first”): superior
- integrated real-time global exploit intelligence: on par
- data science-based risk scoring methodology: Superior
- “Off the shelf” integrations with a wide range of security data sources: Superior
- predictive vulnerability modeling: Superior

About Cisco Vulnerability Management

Kenna is a software-as-a-service Risk and Vulnerability Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna automates the correlation of vulnerability data, threat data, and 0-day data, analyzing security vulnerabilities against active Internet breaches so that InfoSec teams can prioritize remediations and report on their overall risk posture.

Learn More:

Cisco Vulnerability Management

TechValidate Research on Cisco Vulnerability Management