RiskSense – the industry’s only full spectrum risk-based vulnerability management and prioritization platform. © 2020 RiskSense, Inc.

SOLUTION BRIEF FOR RISKSENSE VULNERABILITY SCANNING SERVICE

RiskSenseVulnerability Scanning Service

Page 1

SOLUTION BRIEF FOR RISKSENSE VULNERABILITY SCANNING SERVICE

RiskSense – the industry’s only full spectrum risk-based vulnerability management and prioritization platform.

Raise the Bar on Finding Risk Exposure“Having the flexibility to leverage RiskSense Vulnerability Scanning service allows our team to focus on other higher priority projects.”

Faced with an ever-increasing backlog of vulnerabilities and growth of exploits in the wild, now more than ever organizations need sound risk-based vulnerability prioritization, translated into actions that prevent threats and improve their cybersecurity risk posture. Security hygiene is important, but it’s crucial that actions and remediation make measurable steps to reduce cyber risk. Do you have the manpower, experience, and tools to uncover and inventory your exposure? This entails having a complete picture of all of your IT assets and knowing their criticality to your business. Are you leveraging the most relevant intelligence to assess threats and likely attack methods? Our customers had vulnerability management programs that didn’t scale well and lagged behind in correlating exposure and attack risk. With RiskSense they achieved immediate risk-based prioritization of their vulnerabilities and the assessment ensured that nothing was missed across their IT infrastructure and web applications. Comprehensive views of their risk profile along with the delivery of results through the RiskSense platform accelerated and made their remediation effort more effective.

The RiskSense Vulnerability Scanning service greatly reduces an organization’s risk profile. New network and application vulnerabilities emerge daily, and organizations realize that they must detect and mitigate these vulnerabilities before a cyber adversary can exploit them. The quantity and diversity of vulnerabilities makes it difficult for organizations to confidently manage risk exposure by themselves or in a timely manner. RiskSense Vulnerability Scanning service helps organizations, from mid-size to Fortune 500, with a cost-effective path to achieve consistency in scanning and coverage to quickly identify, quantify, and prioritize remediation actions. This service uses best-in-class scanning tools, process, and oversight that identifies and delivers findings across all of your assets. Removing this upfront labor-intensive task allows RiskSense customers to focus on what’s truly valuable — the next move needed to protect their organization. This service propels organizations toward an effective risk-based vulnerability management program, needed to keep pace with the increasing number of vulnerabilities, rising weaponization rate, and growing attack surface. This service provides:

• The identification of misconfigurations and vulnerabilities on an organization’s network• Reconnaissance and device discovery within scope of the engagement• Detailed analysis of the assessment results, including the scanning and resulting

configuration data

MethodologyThe RiskSense Vulnerability Scanning Service methodology follows a three-step process:

Full-Service Scanning

• Configuration of multiple remote scanning tools

• Set goals and objectives• Scope of targets• Timelines• Roles and responsibilities

• Scanning• Reconnaissance• Device discovery• Enumeration and mapping • Contextualization

Scoping Configuration and Deployment Execution

1 2 3

Page 2

SOLUTION BRIEF FOR RISKSENSE VULNERABILITY SCANNING SERVICE

RiskSense – the industry’s only full spectrum risk-based vulnerability management and prioritization platform.

Modernizing Results DeliveryRiskSense Vulnerability Scanning services leverage the RiskSense platform as a key component enhancing the value we provide to our customers. All findings and associated data are passed into the platform, quickly identifying relevant vulnerabilities and their associated risk ratings, and providing easy to understand prioritized remediation recommendations. As results come in from the various scans and tests, organizations can start to take immediate action. Valuable time is recovered, and focused toward remediation, versus waiting for reports to be formalized, interpreted, and then delegated for remediation.

ServiceOur library of scanning tools include off-the-shelf, open source, and RiskSense-developed tools from our industry-leading security analysts. Our analysts verify the identification of misconfigurations and vulnerabilities to eliminate false positives using both automated and manual efforts.

Scanning Service Options• Network and Web Application Scanning

• Non-Authenticated and Authenticated (for domain-joinedassets only)

• Internal and External (internet-facing) Networks

Executive > Executive Dashboard

DASHBOARDS NETWORK INTEGRATIONS ORCHESTRATION EXECUTIVE

© 2020 RiskSense, Inc. All rights reserved. RiskSense and the RiskSense logo are registered trademarks of RiskSense, Inc. SB_VulnScanService_20200416

Contact us today to learn more about RiskSenseRiskSense, Inc. | +1 844.234.RISK | +1 505.217.9422 | risksense.com

SCHEDULE A DEMOCONTACT US READ OUR BLOG

RiskSense – the industry's only full spectrum risk-based vulnerability management and prioritization platform.

About RiskSenseRiskSense®, Inc. provides full spectrum vulnerability management and prioritization to measure and control cybersecurity risk. The cloud-based RiskSense platform uses a foundation of risk-based scoring, analytics, and technology-accelerated pen testing to identify critical security weaknesses with corresponding remediation action plans, dramatically improving security and IT team efficiency and effectiveness. For more information, visit www.risksense.com or follow us on Twitter at @RiskSense.