Challenge
The customer had been entrenched with a Managed Security Services Provider (MSSP) for a number of years. The MSSP was using outdated vulnerability scanning technology and wasn’t able to provide the level of coverage and service that the business required. The Chief Information Officer and his team conducted a vulnerability risk audit and it became clear that they needed to hire a new MSSP that could manage a more robust and comprehensive vulnerability management program.
Solution
The CISO and his team selected deepwatch to manage their vulnerability management program. The deepwatch Vulnerability Management Services team followed a risk-based onboarding methodology that exposed gaps in their vulnerability and patch management processes. Via collaboration and onboarding practices, deepwatch learned the company’s criteria, risk profile, and mission critical applications and systems. deepwatch developed tailored patch management and vulnerability prioritization processes for the customer.
“Initial vulnerability scans exposed over 100,000 high priority vulnerabilities that had gone unpatched.”
Results
Initial vulnerability scans exposed over 100,000 high priority vulnerabilities that had gone unpatched. After three months of close collaboration with deepwatch, the customer fixed over a million vulnerabilities. Two years later the customer has managed to significantly narrow their attack surface and protect critical assets. As a result of the program’s success, the customer renewed its partnership with deepwatch for three additional years.
