TechValidate Research on Cisco Vulnerability Management

10 Charts


Kenna.VM Customer Research

What vulnerability management challenges were you experiencing that led you to implement the Kenna.VM (formerly Security Platform)?

Too many vulnerabilities with no way to effectively prioritize
71%
High volume of security data lacking context for decision making
43%
No way to quantify or measure risk from vulnerabilities
57%
Inefficiencies in vulnerability remediation
39%
Other
7%

Kenna Security Customer Research

What criteria do you use to evaluate the success of your Kenna Security platform implementation?

Kenna risk score reduction
76%
Reduction in Mean Time To Remediate (MTTR)
41%
Reduction in IT remediation time
31%
Reduction in vulnerability investigation time
30%
SLA Adherence
25%
Reduction in reporting time
23%

Kenna Security Customer Research

What do you view as Kenna’s primary advantage(s) over other vulnerability management platforms?

Kenna goes beyond basic risk scoring and tells me what I need to fix first
67%
Kenna provides meaningful and actionable data for remediation (remediation intelligence)
56%
Kenna provides awareness of how much risk is in our environment
52%
Kenna is updated continuously with real-time information
38%
Kenna aggregates data and reporting from multiple tools (vuln scanners, CMDB, discovery)
32%
Kenna includes multiple threat intel feeds (eliminating the need for subscription)
32%
Kenna's cloud platform scales elastically to virtually any organization size
14%

Kenna Security Customer Research

What criteria do you use to evaluate the success of your Kenna Security platform implementation?

Kenna risk score reduction
76%
Reduction in Mean Time To Remediate (MTTR)
40%
Reduction in IT remediation time
31%
Reduction in vulnerability investigation time
30%
SLA Adherence
25%
Reduction in reporting time
23%

Kenna Security Customer Research

Before Kenna vs. After Kenna: Have you seen a reduction in time spent on the following activities? (Security and IT team time combined)

Over 75% Over 50% Over 25% Over 10% 0%
Time spent on Vulnerability Investigation

16%

39%

19%

19%

7%

Time spent on remediation

12%

32%

24%

15%

17%

Time spent on reporting

27%

25%

25%

13%

10%

Kenna Security Customer Research

Please select the answer below that best describes your current engagement model between the Security and IT team:

Security investigates and prioritizes vulnerabilities; IT remediates
40%
Security investigates; Security and IT work together to prioritize; IT remediates
20%
Security and IT work together to investigate and prioritize
18%
Security investigates; IT prioritizes and remediates
10%
IT investigates, prioritizes and remediates; Security handles reporting
9%

Kenna Security Customer Research

What approach did you use to prioritize vulnerabilities prior to Kenna?

CVSS 7+
19%
CVSS 8+
18%
CVSS 9+
15%
CVSS 10
18%
Use rating system from scanner
52%
Homegrown prioritization tool
28%

Kenna Security Customer Research

What vulnerability management challenges were you experiencing that led you to implement the Kenna Security Platform?
Too many vulnerabilities with no way to effectively prioritize
69%
High volume of security data lacking context for decision making
44%
No way to quantify or measure risk from vulnerabilities
49%
Inefficiencies in vulnerability remediation
47%

Kenna Security Customer Research

Most Important Kenna Platform Features

What Kenna Security Platform features were most important to you when evaluating competitive or alternative solutions?

Data science-based risk scoring methodology
80%
Integrated real-time global exploit intelligence
69%
“Off the shelf” integrations with a wide range of security data sources
60%
Predictive vulnerability modeling
31%
Integrated remediation and ticketing
26%

Kenna Security Customer Research

Top Security Challenges Solved

What are the most important security challenges the Kenna Security Platform has helped you solve?

Addressing vulnerabilities that pose the greatest risk to our environment
86%
Quantifiable way to measure, reduce and report on risk
71%
Increased efficiency of vulnerability remediation
51%
Transforming security data into actionable intelligence
49%



More Research on Cisco Vulnerability Management