CASE STUDIES

Optimizing Vulnerability Management Practices
and Strategies in an IT Company
About the implementation


A long-term ServiceNow customer wanted to consolidate their vulnerability remediation and reporting into a central system. This covers vulnerabilities across the whole attack surface: not only infrastructure vulnerabilities detected by multiple scanners, but also application vulnerabilities detected by various SAST, DAST and SCA tools. Additionally, they wanted to integrate their vulnerability remediation process into their existing change management practices so that the discovery of new vulnerabilities is formally tracked.

Business challenges


  • Fragmented security scanning tools led to duplicated vulnerabilities and a lack of transparency.
  • Multiple application security tools lacked a central remediation system, reducing efficiency.
  • Manual assignment processes caused delays in remediation.
  • Prioritization based solely on severity lacked context.
  • Tracking of remediation and closure confirmation was not transparent.
  • Absence of a central vulnerability library increased costs and inefficiency.

Project approach


We provided business analysis and technical consulting expertise to help the client identify and achieve their target business objectives while adhering to technical best practices for a central and scalable solution. Collaborating with the customer’s vulnerability management and security teams, the ServiceNow platform team, and other subject matter experts, we delivered the following:

  • Implemented Vulnerability Response.
  • Implemented Application Vulnerability Response.
  • Integrated homegrown tools: Application Vulnerability Scanner (SAST, DAST & SCA) and Infrastructure Vulnerability Scanner.
  • Enhanced the patch management and remediation process.
  • Improved manual and automatic assignment.
  • Established reliable matching to ServiceNow CMDB for precise findings attribution.
  • Introduced ownership transparency for reporting on service owners’ performance in vulnerability management.
  • Reduced time from discovery to remediation.
  • Provided a unified experience for remediation teams across different vulnerability types.

Project Success


  • Seamless integration of the customer's defense architecture and homegrown tools for Vulnerability Response and Application Vulnerability Response into ServiceNow.
  • Establishment of a Central Remediation System.
  • Mature automated assignment using CI information for precise team assignment.
  • Advanced risk score calculation for prioritization.
  • Automated remediation tracking with predefined timelines.
  • Automated closure of findings based on scanner-reported status.
  • Personalized Dashboards and Reports for continuous monitoring.
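To illustrate the mechanics behind these outcomes (deduplication across scanners, CMDB attribution, contextual risk scoring, CI-based assignment and scanner-confirmed closure), the following Python is an added example written for this page, not the customer's or ServiceNow's own implementation; the CMDB entries, scanner output, severity weights and weighting factors are all constructed assumptions.

```python
# Constructed sample CMDB: CI name -> assignment group, business criticality (1-4), internet exposure
CMDB = {
    "web01": {"owner": "web-platform", "criticality": 4, "exposed": True},
    "db01": {"owner": "dba-team", "criticality": 4, "exposed": False},
    "lab07": {"owner": "lab-ops", "criticality": 1, "exposed": False},
}
SEVERITY = {"critical": 10, "high": 8, "medium": 5, "low": 2}   # assumed base weights

# Constructed scanner output: two scanners with overlapping and disagreeing results
RAW_FINDINGS = [
    {"scanner": "scanA", "host": "WEB01", "vuln": "VULN-1", "severity": "high", "status": "open"},
    {"scanner": "scanB", "host": "web01", "vuln": "VULN-1", "severity": "medium", "status": "open"},
    {"scanner": "scanA", "host": "db01", "vuln": "VULN-2", "severity": "critical", "status": "open"},
    {"scanner": "scanB", "host": "db01", "vuln": "VULN-2", "severity": "critical", "status": "fixed"},
    {"scanner": "scanA", "host": "lab07", "vuln": "VULN-2", "severity": "critical", "status": "fixed"},
    {"scanner": "scanB", "host": "unknown9", "vuln": "VULN-3", "severity": "low", "status": "open"},
]

def match_ci(host):
    """Attribute a scanner host name to a CMDB CI (case-insensitive); None if unmatched."""
    return CMDB.get(host.lower())

def risk_score(severity, ci):
    """Contextual risk: base severity weighted by asset criticality and internet exposure."""
    base = SEVERITY[severity]
    if ci is None:
        return float(base)            # no CMDB context: fall back to raw severity
    score = base * ci["criticality"] / 4
    if ci["exposed"]:
        score *= 1.5
    return round(score, 1)

def consolidate(findings):
    """Merge per-scanner findings into one item per CI + vulnerability, then score and route."""
    items = {}
    for f in findings:
        key = (f["host"].lower(), f["vuln"])
        item = items.setdefault(key, {"host": key[0], "vuln": f["vuln"], "severity": "low", "status": {}})
        # keep the worst severity any scanner reported for this item
        if SEVERITY[f["severity"]] > SEVERITY[item["severity"]]:
            item["severity"] = f["severity"]
        item["status"][f["scanner"]] = f["status"]
    for item in items.values():
        ci = match_ci(item["host"])
        item["assigned_to"] = ci["owner"] if ci else "vuln-triage"   # unmatched CIs go to manual triage
        item["risk"] = risk_score(item["severity"], ci)
        # auto-close only when every scanner that reported the item now reports it fixed
        item["state"] = "closed" if all(s == "fixed" for s in item["status"].values()) else "open"
    return sorted(items.values(), key=lambda i: -i["risk"])
```

Note that db01 stays open because one scanner still reports it, while lab07 closes on the single scanner's confirmation; a real deployment would also record the confirming scan time against the remediation deadline.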
