Kenna.VM Premier: Accelerate Vulnerability Administration with Cisco Talos Intel and Remediation Analytics

New degree unlocked. The next phase for Kenna.VM users that are maturing their risk-based vulnerability administration system is Kenna.VM Premier-and it’s live.

The Cisco Kenna team is excited release a a fresh tier of the Kenna Safety platform designed designed for customers or prospects which have reached a spot of maturity where they can and wish to accomplish more making use of their vulnerability management program.

As well as the current Kenna functionality and features you understand and love, the brand new Kenna.VM Premier tier includes:

 <li data-leveltext="·" data-font="Symbol" data-listid="1" data-aria-posinset="1" data-aria-level="1">          <span data-contrast="auto">     In-depth and actionable remediation scoring (New!)      </span>          <span data-ccp-props="">           </span>          </li>     
 <li data-leveltext="·" data-font="Symbol" data-listid="1" data-aria-posinset="2" data-aria-level="1">          <span data-contrast="auto">     Zero-day vulnerability intelligence, driven by      </span>          <a href="https://www.talosintelligence.com/">          <span data-contrast="none">     Cisco Talos     </span>          </a>          <span data-contrast="auto">      (New!)     </span>          <span data-ccp-props="">           </span>          </li>     
 <li data-leveltext="·" data-font="Symbol" data-listid="1" data-aria-posinset="3" data-aria-level="1">          <span data-contrast="auto">     Usage of Kenna’s vulnerability cleverness via an API or interface (UI)      </span>          </li>     

We’re particularly worked up about the new functions that are debuting with this particular tier. So, let’s have a closer appearance at everything that’s integrated.

 <h2>          <span>          <b>     Remediation scoring     </b>           </span>          </h2>     

 <span data-contrast="auto">     On the Kenna.VM homepage, a fresh metric will appear at the very top right corner (Figure 1). The Remediation Rating, as this measurement is well known, quantifies how well a business is addressing risk general.      </span>          <span data-ccp-props="">           </span>     
 <figure id="attachment_421521" aria-describedby="caption-attachment-421521" class="wp-caption aligncenter">          <img class="wp-image-421521 size-full" src="https://www.infracom.com.sg/wp-content/uploads/2022/11/Figure-1-Remediation-Score.png" alt width="1420" height="320" />     

 <figcaption id="caption-attachment-421521" class="wp-caption-text">     Figure 1: Remediation Rating in Kenna.VM homepage     </figcaption>     

 <span data-contrast="auto">     The Remediation Rating itself encompasses four crucial measurements (Figure 3), which might sound familiar for you if you’ve already been reading the      </span>          <a href="https://www.kennasecurity.com/resources/prioritization-to-prediction-report-volume-four/" target="_blank" rel="noopener">          <span data-contrast="none">     Prioritization to Prediction reviews     </span>          </a>          <span data-contrast="auto">      made by Kenna and the Cyentia Institute:      </span>          <span data-ccp-props="">           </span>     

 <li data-leveltext="·" data-font="Symbol" data-listid="2" data-aria-posinset="1" data-aria-level="1">          <b>          <span data-contrast="auto">     Insurance coverage     </span>          </b>          <span data-contrast="auto">     : Of most vulnerabilities that needs to be remediated, what percent was identified for remediation?      </span>          <span data-ccp-props="">           </span>          </li>     
 <li data-leveltext="·" data-font="Symbol" data-listid="2" data-aria-posinset="2" data-aria-level="1">          <b>          <span data-contrast="auto">     Performance     </span>          </b>          <span data-contrast="auto">     : Of most vulnerabilities determined for remediation, what percentage must have already been remediated?     </span>          <span data-ccp-props="">           </span>          </li>     
 <li data-leveltext="·" data-font="Symbol" data-listid="2" data-aria-posinset="3" data-aria-level="1">          <b>          <span data-contrast="auto">     Capability     </span>          </b>          <span data-contrast="auto">     : What's the common proportion of open up vulnerabilities which were closed in confirmed time period?     </span>          <span data-ccp-props="">           </span>          </li>     

 <li data-leveltext="·" data-font="Symbol" data-listid="2" data-aria-posinset="3" data-aria-level="1">          <b>          <span data-contrast="auto">     Velocity     </span>          </b>          <span data-contrast="auto">     : What's the speed and improvement of remediation?      </span>          <span data-ccp-props="">           </span>          </li>     

 <figure id="attachment_421522" aria-describedby="caption-attachment-421522" class="wp-caption aligncenter">          <img loading="lazy" class="wp-image-421522 size-full" src="https://www.infracom.com.sg/wp-content/uploads/2022/11/Figure-2-Revised-Remediation-Score-Expanded-1.png" alt width="3822" height="825" />     

 <figcaption id="caption-attachment-421522" class="wp-caption-text">     Figure 2: Remediation sub-ratings in Kenna.VM homepage     </figcaption>     


These brand new remediation insights allows organizations to shift from relying on simply the chance Score itself as a measurement to measure the performance of remediation teams. Even though many companies opt to utilize the Risk Score this way, there are inherent issues with evaluating performance in line with the Risk Score-especially for mature applications. A Risk Rating can spike at at any time because of suddenly high-danger vulnerability-a spike that isn’t a reflection on the remediation group themselves. So when organizations mature, they’re more likely to achieve a ‘steady condition’ making use of their Risk Score, that makes it a challenging metric to utilize to measure progress.

Eventually, these performance metrics can help customers better know very well what regions of their remediation efforts are usually successful and which might have to be adjusted.

 <h2>          <span>          <b>     Zero-time vulnerability intel-brought for you by Cisco Talos     </b>           </span>          </h2>     

 <span data-contrast="auto">     Another recent addition to the Kenna.VM system is zero-day time vulnerability intelligence powered by Cisco Talos. Talos regularly identifies high-priority safety vulnerabilities in used os's and software commonly. The team works together with suppliers to      </span>          <a href="https://www.talosintelligence.com/vulnerability_reports" target="_blank" rel="noopener">          <span data-contrast="none">     disclose a lot more than 200 vulnerabilities     </span>          </a>          <span data-contrast="auto">      each year.       </span>     

This new integration with Talos gives Kenna.VM customers access to info on zero-time vulnerabilities documented by the Talos study team (and apt to be in their atmosphere). With the “Zero Times” filtration system in Kenna.VM, users may isolate zero-day time vulnerabilities, investigate, and do something leveraging Snort principle IDs supplied by Talos, when applicable (Physique 3).

 <figcaption id="caption-attachment-421523" class="wp-caption-text">     Figure 3: “Zero Days” filtration system isolates all zero-time vulnerabilities in Kenna.VM Explore web page     </figcaption>     


 <h2>          <span>          <b>     Vulnerability intelligence-your method     </b>           </span>          </h2>     

The last (but definitely not least) little bit of the Kenna.VM Premier puzzle may be the inclusion of Kenna’s recently improved vulnerability intelligence INTERFACE and API. Kenna is well known because of its risk scoring, but what folks might not realize is just how much data we eat and become finished just, actionable intelligence. You can find more than 18+ risk and exploit cleverness feeds that strength our knowledge of vulnerabilities, and our vulnerability intel API and UI label of this given information open to customers.

The UI offers a dashboard to analyze any CVE-regardless of whether a scanner discovered that vulnerability in the customer’s environment. In the mean time, the API allows clients to query Kenna and export just as much of our vulnerability cleverness on as much vulnerabilities because they wish, and make use of that information to enrich any current IT, security or dev workflows, including Cisco’s individual SecureX. The info in this set contains descriptions, publication dates, CVSS data, available fixes and exploits, insight into remote control exploitable vulnerabilities, plus much more. Furthermore provided may be the Kenna Risk Rating for every vulnerability and a sign of whether it’s predicted to end up being exploitable-unique data factors derived by Kenna’s information science.

 <figcaption id="caption-attachment-421535" class="wp-caption-text">     Figure 4: Kenna’s vulnerability intel dashboard enables you to analysis any CVE to notice its risk score along with other characteristics     </figcaption>     


This intelligence, coupled with our new remediation Talos and scoring zero-day intelligence, rounds out the Kenna.VM Premier tier because the ideal package for just about any customer or even prospect who is seeking to consider their vulnerability management plan to another stage of maturity.

Kenna.Nowadays vm Premier can be acquired. If you’re thinking about learning more, get in touch with your product sales representatives or deliver us a demo demand to unlock another degree of your vulnerability management trip.

 <hr />     

 <em>     We’d want to hear everything you think. Ask a relevant question, Comment Below, and Remain Linked to Cisco Secure on interpersonal!     </em>     

 <strong>     Cisco Protected Social Channels     </strong>     

 <strong>          <a href="https://www.instagram.com/CiscoSecure/" target="_blank" rel="noopener noreferrer">     Instagram     </a>          </strong>          <br />          <strong>          <a href="https://www.facebook.com/ciscosecure/" target="_blank" rel="noopener noreferrer">     Facebook     </a>          </strong>          <br />          <strong>          <a href="https://twitter.com/CiscoSecure" target="_blank" rel="noopener noreferrer">     Twitter     </a>          </strong>          <br />          <strong>          <a href="https://www.linkedin.com/showcase/cisco-secure" target="_blank" rel="noopener noreferrer">     LinkedIn     </a>          </strong>     

 <pre>          <code>        &lt;br&gt;


%d bloggers like this: