Cygilant Announces Industry First Integrated Subscription Service for Automated and Auditable Vulnerability and Patch ManagementBoston, Mass.
Cygilant, a pioneer in hybrid Security as a Service, today launched SOCVue Vulnerability and Patch Management (VPM), a new subscription service that unifies vulnerability and patch management into a single offering. SOCVue VPM automates the process of detection, prioritization, and patching of vulnerabilities with an auditable change management work flow to continually reduce the attack surface and improve protection against cyberattacks in a cost-effective manner.
A new report from the Online Trust Alliance (OTA) recommends regular patching and paying close attention to vulnerability reports as a best practice, while neglecting both is a known cause of breaches, noting that both should receive special attention in light of the Equifax breach. The report found that 93 percent of breaches that occurred in 2017 were avoidable, with 52 percent attributed to hacking. Likewise, WannaCry and Petya malware also spread quickly due to inadequately patched systems. Verizon’s 2017 DBIR analysis showed that only 61 percent of organizations finish the patching process and patches not installed after 12 weeks tend to go unpatched for good.
SOCVue VPM not only answers the critical question of “am I vulnerable” but also provides an elegant mechanism to fix vulnerabilities and reduce or prevent being compromised. SOCVue VPM eliminates information silos, improves collaboration among cross functional teams and increases accountability while reducing inefficiencies that impact most organizations today. IT and security teams can leverage SOCVue VPM to scan their IT environment to identify vulnerabilities across operating systems, network devices, and applications, and prioritize vulnerabilities based on business risk and deploy available patches to plug vulnerabilities -- all from a single pane of glass. The built-in auditable change management process keeps a record of “who-what-when-where” of all deployed patches.
Over the years security-conscious and compliance-mandated organizations made significant investments in leading vulnerability technologies such as Qualys, Rapid7, and Tenable. While these technologies do an excellent job of detecting large number of vulnerabilities, IT teams struggle with prioritizing vulnerabilities and are forced to use a separate patch management tool to patch these vulnerabilities. The traditional processes of managing disparate vulnerability and patch management solutions is time consuming, prone to error, and costly. As a result, it is not uncommon for IT teams to miss patching critical vulnerabilities, as was the case in the 2017 Equifax breach. Cyber criminals rely on these broken processes to exploit system vulnerabilities, unpatched systems and applications. Cygilant’s SOCVue VPM service streamlines the entire process with:
- Continuous scanning of IT infrastructure to identify vulnerabilities with support for Qualys, Rapid7, and Tenable vulnerability management technologies
- Analysis and prioritization of vulnerabilities based on business risk, exploitability, and patch availability by Cygilant’s SOC team
- A single pane of glass that provides prioritized vulnerabilities and available patches with the ability to deploy patches
- Built-in auditable change management work flow to review, approve, schedule, deploy, and validate patches to fix vulnerabilities
- Re-scanning to confirm vulnerabilities are fixed
- 24x7 availability of Cygilant’s global SOC security analysts to assist customers with detection, prioritization, and deployment of appropriate patches including Windows, Linux, Mac, and third-party applications such as Adobe and Java.
- Detailed reporting on a daily/weekly/monthly basis to meet regulatory compliance mandates such as FFIEC, PCI-DSS, HIPAA, NIST, and more.
“SOCVue VPM is a disruptive vulnerability and patch management solution that saves customers significant resources and time while increasing their security posture,” said Vijay Basani, Chairman and CEO, Cygilant. “With our global SOC security analysts working as an extension of customers’ IT teams, we become a force multiplier in continuous detection, prioritization, and patching of vulnerabilities to reduce the attack surface and mitigate risks to protect IP, customer data, and financial assets.”
Cygilant’s SOCVue® is a subscription security as a service that combines people, process, and technology to deliver a cost-effective information security program, including:
- Incident Detection and Response (IDR)
- Managed Detection and Response (MDR)
- Managed and Co-managed SIEM & Log Management
- Managed and Co-managed Vulnerability Management
- Managed Patch Management
- 24x7x365 Monitoring by Trained Global SOC Security Analysts
- Compliance Reporting
- Auditable Change Management
About Cygilant, Inc.
Cygilant, a pioneer in hybrid security as a service, is transforming how organizations of all sizes build an enterprise-class security program. Acting as a multiplier to customers’ IT teams, Cygilant provides 24x7x365 security and compliance visibility, managed incident detection, response and remediation guidance backed by best-of-breed technology, industry best practices and global SOC analysts. Cygilant is a trusted advisor to organizations that need to protect customer data, PII and PHI data, and Intellectual property against cyber threats and vulnerabilities. For more information, visit: https://www.cygilant.com
© 2017 EiQ Networks, Inc. All Rights Reserved. Cygilant, the Cygilant Logo, EiQ, the EiQ logo, the SOCVue logo, SecureVue, ThreatVue, SOCVue, ComplianceVue, ForensicVue, and Continuous Security Intelligence are trademarks or registered trademarks of EiQ Networks, Inc. in the US and/or other countries. All other product names and/or slogans mentioned herein may be trademarks or registered trademarks of their respective companies. All information presented here is subject to change and intended for general information.
← Return to all News