TechValidate Research on Cisco Vulnerability Management


Kenna Security Case Study

Large Enterprise Transportation Services Company

Introduction

This case study of a large enterprise transportation services company is based on an October 2019 survey of Kenna Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Kenna has helped teams talk a common language, use a single-tool and separate responsibility from accountability for the remediation activities. This has helped create focussed groups of risk owners who are aware of their environment and the progress made each period.”

Challenges

  • Vulnerability management challenges they experienced that led them to implement the Kenna Security Platform:
    • Too many vulnerabilities with no way to effectively prioritize
    • Inefficiencies in vulnerability remediation

Use Case

  • Approaches used to prioritize vulnerabilities prior to Kenna:
    • CVSS 7+
    • CVSS 8+
    • CVSS 9+
    • CVSS 10
    • Use rating system from scanner
  • How they evaluate the success of their Kenna Security platform implementation:
    • Kenna risk score reduction
    • Reduction in IT remediation time
    • SLA Adherence
    • Reduction in reporting time
  • Kenna’s primary advantage(s) over other vulnerability management platforms:
    • Kenna goes beyond basic risk scoring and tells them what they need to fix first
    • Kenna provides meaningful and actionable data for remediation (remediation intelligence)
    • Kenna provides awareness of how much risk is in their environment
    • Kenna includes multiple threat intel feeds (eliminating the need for subscription)

Results

The surveyed company achieved the following results with Kenna Security:

  • Reduction of time spent on the following activities, since using Kenna:
    • Time spent on Vulnerability Investigation: over 75%
    • Time spent on remediation: over 50%
    • Time spent on reporting: over 25%
  • Kenna Security Platform compared to other vulnerability management solutions:
  • Remediation Intelligence (guidance on “what to fix first”): Superior
  • Integrated real-time global exploit intelligence: Highly Superior
  • Data science-based risk scoring methodology: Highly Superior
  • “Off the shelf” integrations with a wide range of security data sources: Highly Superior
  • Predictive vulnerability modeling: Highly Superior




About This Data

This data was sourced directly from verified users of Cisco Vulnerability Management by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.


More Research on Cisco Vulnerability Management