8 questions to ask any Vulnerability & Threat Management solution vendor

Evaluating Vulnerability & Threat Management technology suppliers? Cut through the noise to get real value with these 8 critical requirements.

Vulnerabilities in the wild are at an all-time high, meaning organizations need to do more than ever to keep their critical assets safe. For many, selecting a Vulnerability and Threat Management (VTM) solution is a great place to start. But how do you find the right technology supplier? These 8 questions will help you select a VTM solution.

#1 Does the VTM solution provide a complete view of your attack surface?

Look for a solution that provides a dynamic security model that draws on asset and security data, vulnerability scans, and threat intelligence, as well as network and cloud infrastructure, including firewall configuration and network access.

#2 Will the VTM solution assess and prioritize exposures based on what matters to you?

When looking at your network, vulnerability prioritization should be based on a combination of CVE severity, asset importance to the business, evidence of exploitability in the wild, and exposure of the asset to compromise across the network.

#3 Can the VTM solution show the exact attack path(s) that make an asset vulnerable to compromise?

To better understand your risk, you should be able to see a detailed attack path analysis (including access rules and routes), which reveals the exact sequence of moves across the network from threat source to destination and supports attack simulation exercises.
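To make questions #2 and #3 concrete, the following added example (not code from the original page or from any vendor) finds the shortest chain of permitted firewall hops from a threat source to a vulnerable service and folds that exposure into a priority score alongside CVE severity, asset importance, and exploitation evidence. The zones, rules, findings, and scoring weights are all constructed assumptions.

```python
from collections import deque

# Constructed sample data: zones and the firewall rules (src, dst, port) that allow traffic.
ALLOW_RULES = [("internet", "dmz", 443), ("dmz", "app", 8443),
               ("app", "db", 5432), ("corp", "app", 22)]
# Constructed findings; importance is a 1-5 business rating, exploited = seen in the wild.
FINDINGS = [
    {"id": "F-1", "zone": "db", "port": 5432, "cvss": 7.5, "importance": 5, "exploited": True},
    {"id": "F-2", "zone": "lab", "port": 8080, "cvss": 9.8, "importance": 5, "exploited": True},
    {"id": "F-3", "zone": "dmz", "port": 443, "cvss": 5.3, "importance": 2, "exploited": False},
]

def attack_path(source, zone, port, rules=ALLOW_RULES):
    """Shortest chain of allowed hops from source to the service at zone:port, else None."""
    queue, seen = deque([(source, [])]), {source}
    while queue:
        here, path = queue.popleft()
        for src, dst, dport in rules:
            if src != here:
                continue
            hops = path + [(src, dst, dport)]
            if dst == zone and dport == port:
                return hops          # last hop must reach the vulnerable port itself
            if dst not in seen:      # assumption: any allowed hop can serve as a pivot
                seen.add(dst)
                queue.append((dst, hops))
    return None

def score(finding, source="internet"):
    """Combine the four factors; the weights are illustrative assumptions."""
    path = attack_path(source, finding["zone"], finding["port"])
    exposure = 1.0 / len(path) if path else 0.1   # no path found: small floor, not zero
    exploit = 1.0 if finding["exploited"] else 0.5
    value = finding["cvss"] / 10 * finding["importance"] / 5 * exploit * exposure
    return round(value, 3), path

def prioritize(findings=FINDINGS):
    """Return (id, score, path) tuples, highest priority first."""
    ranked = [(f["id"], *score(f)) for f in findings]
    return sorted(ranked, key=lambda r: r[1], reverse=True)

if __name__ == "__main__":
    for fid, value, path in prioritize():
        print(fid, value, path or "no path from internet")
```

With this sample data, the CVSS 9.8 finding in the unreachable zone ranks below a CVSS 7.5 finding on a critical database that is three permitted hops from the internet.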

#4 How will the VTM solution help to protect “unscannable” networks?

Unscannable networks such as those used in Operational Technology (OT) or to process classified data are often segregated with an air gap. The chosen technology should apply the latest threat intelligence to highlight assets at risk of compromise and automatically suggest remediations when patching is either difficult or impossible.


#5 Can the VTM solution suggest alternative options for when immediate patching is not practical?

For these situations, your solution should automatically analyze the exposure and suggest alternative compensating controls, such as changes to network segmentation, the application of IPS signature updates, or even modifications to firewall rule tables.

#6 Will the VTM solution help me explain the value of the program to non-technical and senior stakeholders?

Find a provider who supports Cyber Risk Quantification (CRQ), which helps to identify and prioritize the risks based on the potential financial impact, express the risk in terms of dollar value, and measure risk reduction in financial terms over time.

#7 Will the VTM solution help to manage overall exposure, not just vulnerabilities?

A leading solution should also understand how the network is segmented and zoned, be able to analyze firewall configurations and rule bases for potential security gaps, and assess change requests and action changes that reduce exposure.

#8 How can a VTM solution help with managing continuous compliance?

It must understand when firewall rule changes could expose previously protected assets, integrate with existing ITSM systems to formalize change requests, and comply with audit requirements, as well as manage and automate workflows for firewall rule creation, change verification, rule recertification, and de-provisioning.

When evaluating and selecting a VTM partner, it is critical you find someone who can help your team accurately identify, prioritize, and remediate the vulnerabilities that present the greatest risk to your business.
