Vulnerability Management

Our Vision

Mature vulnerability management provides the best return on invest in protecting an enterprise against breaches.

Our Service

We provide a holistic vulnerability management service tailored to the client's needs incorporating vulnerability advisory services, vulnerability scans, false-positive validation, adapted scoring of identified issues, issue reporting, issue dispatching inside your organization and vulnerability resolution consulting.

Define the Enterprise Vulnerability Management Policy

Vulnerability Management is team sport involving different team players from security architecture, cyber security, security monitoring, IT operations, risk, compliance and more. In order for every team member of all those different departments to understand his roles and responsibilities, there should be clearly defined rules. Together with our clients we define the Enterprise Vulnerability Management Policy (the rule book) by which all team players need to act. We create a Policy which we agree with all involved stakeholders in an iterative manner, to create a rule book which is agreeable for all participants and meets the security demands of the Enterprise. We follow the 

IDENTIFY -> PRIORITIZE -> SCAN -> REPORT -> MITIGATE -> MEASURE -> REPEAT

lifecycle of vulnerabilities. We dive deep into every step of the process to ensure that roles and responsibilities in each phase are clear. We cover edge cases (e.g. 0-day handling, emergency procedures, escalation management) so that every next step of the process is well defined and team players have a clear path.

Security Vulnerability Management as a Managed Service

Our managed service covers all steps of the Vulnerability Management lifecycle. Together with our clients we identify the scope of the assets and regularly adapt it. We prioritize assets and ensure scans are performed on an agreed schedule and cadence. We validate scan results and adapt vulnerability scores to reflect the actual risk for the client's environment. We create a comprehensible report, which we distribute to clients through agreed channels. We validate fixes and mitigations either with the next scan cycle or on-demand once a fix has been implemented.

We provide three fixed price shirt sized packages for small and medium-size enterprises. Please contact us at sales@wallsec.de