Blog

Sitting in the Dark? Shine a Light on Your True Risk.

Select image to see full infographic

In 2011, Kenna Security pioneered a risk-based approach to vulnerability management, enabling enterprises to prioritize and actively manage their vulnerabilities based on the most informed and accurate exploit, vulnerability, and remediation intelligence available. As a result, Kenna has enabled security and IT Operations teams to finally align to proactively manage the vulnerabilities that matter most.

Over the years, this risk-based approach has been validated by numerous well-respected sources from throughout the security industry, including customers, researchers, industry analysts, security vendors, and industry thought leaders. A recent addition to this validation comes from Kenna’s integration partner Tenable, highlighting the need for enterprises to conduct risk-based vulnerability management by gaining visibility across a breadth of assets, and then using deep analytics to gain a comprehensive and objective understanding of the organization’s cybersecurity posture to effectively prioritize their vulnerabilities.

At Kenna Security, we naturally couldn’t agree more as Tenable’s assertions help further validate the position that Kenna was founded on and hasn’t wavered from for the past seven years. It’s at the very foundation of the Kenna solution, and built into our entire approach to risk-based vulnerability management.

But in addition to this, Kenna also firmly believes in ingesting and normalizing security data from a wide range of sources, and then correlating it with asset-specific context, real-time exploit information, and a massive knowledgebase of vulnerabilities and remediation intelligence – and then applying proven data science and machine learning to determine a specific risk score for each vulnerability so that they can be easily prioritized based on which present the greatest risk to the organization.

Most enterprises employ multiple scanners to ensure that they find every vulnerability throughout their organization; they know that if they only have one scanner, they’re at serious risk of missing critical vulnerabilities. This is why Kenna is vendor-agnostic; we ingest the vulnerability scan data from any scanner – including those from Tenable, Qualys, Rapid7, and Tanium.

By ingesting, de-duping, and normalizing the data from all of these vulnerability scanners, the Kenna Security Platform delivers the greatest visibility across the entire environment. And then by combining more than 15 sources of exploit intelligence, an ever-growing knowledge base of more than 2 billion managed vulnerabilities, global attack telemetry, and remediation intelligence, Kenna can understand what attackers are doing in real-time and evaluate which vulnerabilities are most likely to pose a threat to the enterprise’s specific environment.

In addition, with the Kenna Application Risk Module, Kenna is the only company that fully integrates application security with the platform to provide enterprises with full visibility and accurate, informed risk-based vulnerability prioritization across the entire organization – full stack.

So we applaud our partner Tenable on their recognition of the need for deep data analytics to deliver meaningful risk-based prioritization of vulnerabilities – and we welcome the validation of Kenna’s ongoing strategy from them and any other vulnerability scan vendors in the market.

Request a demo to see first-hand how Kenna Security can provide you with the most informed and accurate risk prioritization available.