Secure-ISS has made a number of exciting updates in relation to our ASM Continuous Vulnerability Assessment (CVA) offering.

These range from functional and licensing enhancements through to reporting enhancements within the SecureSight platform.

Enhancements to the SecureSight reporting platform

We have made some significant improvements to our SecureSight platform.

Remediation Activities Reporting

We have recently included Remediation reporting to give customers a pulse on their patching regime. This enhancement provides both Executive and Operationally focused reports and statistics.

Key Statistics that are now surfaced up include:

• Vulnerabilities remediated (Last Month, Past 3 Months, Past 6 Months and Past 12 months).
• Mean time to remediate (Last Month, Past 3 Months, Past 6 Months and Past 12 months).
• Remediated vulnerabilities (Listings)

Functional enhancements

Agent based scanning and patching

We have had feedback during our governance meetings that understanding an attack surface was an important uplift in a security program, but it was acknowledged that this immediately introduced a new challenge. Patching the identified (prioritised) vulnerabilities in a timely manner!

Over the past 9 months we have evaluated a number of solutions to address this requirement and are pleased to announce that we now have a complete continuous scanning and patching agent available. This complete solution provides:

• Vulnerability Masking/ Virtual patching protection
• A 0 day detection engine
• Real time Asset Threat Analysis
• Real time App Threat Analysis
• Instant Feedback loop (no need to re-run scans, once you patch the agent identifies the change, reducing re-work)
• A Pre and Post patch scripting engine that allows for action(s) to be completed prior to patching and actions and validations to be completed post-patching (increase the efficiency of operational and validation tasks)
• An Asset Database – Including inventory of Applications and Versions across your fleet.

This solution enables customers to achieve Essential Eight Maturity Level 3 targets quickly, effectively and in a budget friendly fashion. With the changes to the service, we have also introduced more flexibility and options in the pricing models.

Licensing changes – more visibility included…

Unlimited discovery scanning

We also received feedback in relation to gaining FULL visibility across an environment. With our enhanced offering we are now able to deploy scanning engines for unlimited discovery scanning across an environment. This will allow customers to gain visibility into assets in unmanaged and semi-managed network segments such as Guest WiFi, Student WiFi and IOT/ OT network segments.

IOT device scanning

In addition to the unlimited scanning, we have introduced an enhanced scanning module and licensing for IOT environments. Under the new licensing regime, for every 100 agent licenses consumed, Secure-ISS will provide licensing to scan up to 500 IPs across IOT networks. This will ensure that customers have visibility into these environments along with vulnerability telemetry for IOT assets.

We are excited by the uplift this enhanced service provides to our customers. Should you wish to discuss the service in general or find out more information, please reach out to your Customer Success Manager or our sales team at cybersales@secure-iss.com.