TechValidate Research on Cisco Vulnerability Management


Kenna Security Case Study

Capital One Uk

Introduction

This case study of Capital One UK is based on an October 2019 survey of Kenna Security customers by TechValidate, a 3rd-party research service.

“Kenna reporting is quick and responsive and provided clear details of vulnerabilities.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Kenna Security:

  • Vulnerability management challenges they experienced that led them to implement the Kenna Security Platform:
    • Too many vulnerabilities with no way to effectively prioritize
    • Inefficiencies in vulnerability remediation

Use Case

The key features and functionalities of Kenna Security that the surveyed company uses:

  • Approaches used to prioritize vulnerabilities prior to Kenna:
    • CVSS 7+
    • CVSS 8+
    • CVSS 9+
    • CVSS 10
  • How they evaluate the success of their Kenna Security platform implementation:
    • Kenna risk score reduction
    • Reduction in vulnerability investigation time
    • SLA Adherence
    • Reduction in reporting time
  • Kenna’s primary advantage(s) over other vulnerability management platforms:
    • Kenna provides meaningful and actionable data for remediation (remediation intelligence)
    • Kenna aggregates data and reporting from multiple tools (vuln scanners, CMDB, discovery)
    • Kenna includes multiple threat intel feeds (eliminating the need for subscription)

Results

The surveyed company achieved the following results with Kenna Security:

  • Reduction of time spent on the following activities, since using Kenna:
    • Time spent on Vulnerability Investigation: over 50%
    • Time spent on remediation: over 50%
    • Time spent on reporting: over 50%




About This Data

This data was sourced directly from verified users of Cisco Vulnerability Management by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.


More Research on Cisco Vulnerability Management