Assessing and managing vulnerabilities is a core cybersecurity practice, but it can put a heavy strain on IT security and operations teams. In many cases, introducing vulnerability management as a service is what’s necessary to overcome the challenge of accumulating vulnerabilities across complex IT environments—especially when time and resources are limited.
This was the case for one mid-size U.S. software company that came to rely upon Tripwire ExpertOps—and specifically the work of Tripwire’s Vulnerability and Exposure Research Team (VERT)—to drastically reduce the proliferation and severity of their system vulnerabilities.
The Challenge: Risk Running Rampant
Before exploring managed services as a strategy for improving cybersecurity without adding headcount, this tech company’s IT operations team was finding it difficult to keep up with the vulnerabilities in their environment. Operations were not in an optimal state, and the team wanted to close more vulnerabilities on a monthly basis.
Their small team had also recently undergone a change in leadership and was pursuing a fresh start in terms of their approach to assessing and managing risk. This new effort led to deploying Tripwire ExpertOps, putting their vulnerability management program into the hands of a designated Tripwire expert and the continually-increasing database of over 250,000 tests provided by VERT.
Tripwire ExpertOps delivers a thoroughly-managed vulnerability management program as a service, implementing foundational cybersecurity controls in a cloud-hosted managed services model. While it is also applicable to security configuration management (SCM) and industrial cybersecurity visibility, this company opted for a vulnerability management-specific services package to address their precise goals.
The Solution: Tripwire Expert0ps
Those using Tripwire ExpertOps for vulnerability management receive guidance on remediating critical vulnerabilities in a prioritized manner based on several factors—including the ease and impact of exploit—to improve compliance and reduce risk.
Initially, a Tripwire ExpertOps expert helped the operations team with their software install for the entire operations department. This applied to over 600 servers and 400 desktops. The company started with 800 applications and were able to remove 300 applications that were outdated versions. At the beginning of the implementation, the company had a goal of significantly reducing exposure risk.
VERT analyzed the results of the scanning performed by Tripwire ExpertOps and provided the operations team with a monthly summary of goals and problem areas to focus on. Regular report analysis resulted in prioritization of which servers needed to be addressed most urgently. A Tripwire ExpertOps expert kept the operations team updated with ongoing prioritization for remediations throughout their environment. Scanning, analyzing, and defining remediation procedures for the team allowed them to use their time more efficiently, resulting in a dramatic improvement of the company’s overall security posture.
The Results: Vulnerabilities Cut in Half
During a nine-month period, this company experienced the following improvements:
- 47% decrease in applications
- 18% increase in hosts scanned
- 86% decrease in most vulnerable
- 23% increase in hosts scoring <1,000
- 77% reduction in average host score
- 42% reduction in vulnerabilities
- 51% reduction in average vulnerabilities
With Tripwire ExpertOps, the average host score on the company's systems was reduced by 50 percent. The number of overall bad scores was diminished by roughly 90 percent over the course of 10 months.
The IT operations team is now performing at a much higher level and able to execute operations based on the advice of VERT and their Tripwire managed services engineer. They can now focus their efforts more directly on security using a directed approach—with less time spent maintaining and reporting on the environment themselves—knowing the vulnerability management of their systems is in good hands.
Need Help Finding a Cybersecurity Solution?
Contact one of our product experts to find a solution that meets your security needs and reduces your business risk. Whether you have one or several initiatives to respond to, Tripwire ensures compliance, security, and flexible risk management solutions.